The exploit demonstrates XSS and CSRF vulnerabilities in BEdita CMS 3.5.0. It includes functional PoC code for both issues, showing how an attacker can inject malicious JavaScript or create an admin user via crafted requests.
Classification: Working PoC 100%
Attack Type: XSS | Auth Bypass
Complexity: Trivial
Reliability: Reliable
Target: BEdita CMS 3.5.0
Auth required
Prerequisites: Authenticated user session for XSS · Admin user session for CSRF