EIP-2026-110230
PRE-CVEOpen Flash Chart - 'get-data' Cross-Site Scripting
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-110230. PoCs published by Deepankar Arora.
AI-analyzed exploit summary The exploit demonstrates a cross-site scripting (XSS) vulnerability in Open Flash Chart by injecting a JavaScript payload via the 'get-data' parameter in the SWF file URL. The payload executes arbitrary script code in the context of the affected site, potentially stealing cookies or performing other malicious actions.
Description
Open Flash Chart - 'get-data' Cross-Site Scripting
Exploits (1)
The exploit demonstrates a cross-site scripting (XSS) vulnerability in Open Flash Chart by injecting a JavaScript payload via the 'get-data' parameter in the SWF file URL. The payload executes arbitrary script code in the context of the affected site, potentially stealing cookies or performing other malicious actions.