This exploit demonstrates a stored XSS vulnerability in Library CMS 2.1.1 via the title parameter in the /admin/book/create/ endpoint. The payload injects a script tag that triggers an alert, confirming the vulnerability.
Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:Library CMS - Powerful Book Management System v2.1.1
Auth required
Prerequisites:Access to the admin panel · Valid session cookie