This exploit demonstrates a stored XSS vulnerability in MiniCMS 1.10 by injecting a malicious script into the 'content box' via the page-edit.php interface. The payload executes when the saved page is viewed, triggering an alert with the document domain.
Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:MiniCMS 1.10
Auth required
Prerequisites:Access to the MiniCMS admin panel · Ability to edit pages