This is a writeup describing a stored XSS vulnerability in Rayzz Photoz, where an attacker can inject malicious script code via the 'ADD SCRAP' feature on a member's profile. The writeup outlines steps to exploit the vulnerability but does not include actual exploit code.
Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:Rayzz Photoz (version not specified)
Auth required
Prerequisites:Registered user account · Access to a member's profile with the 'ADD SCRAP' feature