CVE-2022-50896

EIP tracks 1 public exploit for CVE-2022-50896. PoCs published by Ashkan Moghaddas.

AI-analyzed exploit summary This exploit demonstrates a reflected XSS vulnerability in Testa 3.5.1 by injecting a malicious script via the 'redirect' parameter in the login page URL. The payload triggers an alert dialog, confirming the vulnerability.

Testa 3.5.1 contains a reflected cross-site scripting vulnerability in the login.php redirect parameter that allows attackers to inject malicious scripts. Attackers can craft a specially encoded payload in the redirect parameter to execute arbitrary JavaScript in victim's browser context.