The document details XSS and CSRF vulnerabilities in KusabaX <= 0.9.1, including technical analysis of vulnerable code in 'animation.php' and 'manage_page.php', along with proof-of-concept exploit examples.
Classification
Writeup 95%
Attack Type
Xss | Sqli
Complexity
Trivial
Reliability
Reliable
Target:KusabaX <= 0.9.1
No auth needed
Prerequisites:Access to vulnerable KusabaX instance · User interaction for XSS · Admin session for CSRF