The exploit demonstrates a cross-site scripting (XSS) vulnerability in Looking Glass software by injecting malicious scripts into URL parameters. The provided URLs show how arbitrary JavaScript can be executed in the context of the victim's browser.
Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:Looking Glass (version not specified)
No auth needed
Prerequisites:Access to a vulnerable Looking Glass instance