The exploit demonstrates a persistent and non-persistent XSS vulnerability in NovaBoard <= 1.0.1. The persistent XSS is triggered via a crafted message containing JavaScript, while the non-persistent XSS is executed through a malformed search query parameter.
Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:NovaBoard <= 1.0.1
Auth required
Prerequisites:Authenticated user access for persistent XSS · No authentication required for non-persistent XSS