This exploit demonstrates a stored XSS vulnerability in Coaster CMS v5.5.0 by injecting malicious JavaScript payloads into form fields, which are then stored and executed when the page is viewed.
Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:Coaster CMS v5.5.0
Auth required
Prerequisites:Access to an authenticated session in Coaster CMS · Ability to submit a crafted HTTP POST request to the vulnerable endpoint