CVE-2023-33829

This exploit demonstrates a stored XSS vulnerability in SCM Manager versions 1.2 to 1.60. It authenticates with provided credentials and creates a user, group, and repository with XSS payloads in their display names or descriptions.

This PoC demonstrates a stored XSS vulnerability in SCM Manager by creating users, groups, and repositories with malicious payloads in their display names or descriptions. It authenticates with provided credentials and sends crafted JSON requests to trigger the XSS.

This PoC demonstrates a stored XSS vulnerability in SCM Manager versions 1.2 to 1.60. It authenticates with provided credentials and creates a user, group, and repository with XSS payloads in vulnerable fields (displayName, description).

This repository contains a functional Python script that exploits CVE-2023-33829, a stored XSS vulnerability in SCM Manager. The PoC authenticates with admin credentials and creates users, groups, and repositories with malicious XSS payloads in their metadata fields.

This repository contains a functional Python script that exploits CVE-2023-33829, a stored XSS vulnerability in SCM Manager. The exploit authenticates with provided credentials and creates users, groups, and repositories with XSS payloads in their display names or descriptions.