This exploit demonstrates a cross-site scripting (XSS) vulnerability in Prontus CMS by injecting JavaScript code via the 'page' parameter in the URL. The vulnerability arises due to insufficient input sanitization, allowing arbitrary script execution in the context of the affected site.
Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:Prontus CMS
No auth needed
Prerequisites:Access to a vulnerable Prontus CMS instance