This exploit demonstrates a stored XSS vulnerability in Feng Office Community Edition by submitting a malicious form with JavaScript payloads in the 'filename' and 'slimContent' fields. The payload triggers an alert upon page load, confirming the vulnerability.
Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:Feng Office Community Edition (version unspecified)
No auth needed
Prerequisites:Access to the vulnerable Feng Office instance