Exploitation Summary
EIP tracks 1 public exploit for EIP-2026-112938. PoCs published by shpendk.
AI-analyzed exploit summary This exploit demonstrates a CSRF vulnerability to add an admin user and a persistent XSS vulnerability in Ushahidi 2.2. The CSRF PoC submits a form to create an admin user without user interaction, while the XSS PoC involves injecting malicious script via the username field during user creation.
Description
Ushahidi 2.2 - Multiple Vulnerabilities
Exploits (1)
This exploit demonstrates a CSRF vulnerability to add an admin user and a persistent XSS vulnerability in Ushahidi 2.2. The CSRF PoC submits a form to create an admin user without user interaction, while the XSS PoC involves injecting malicious script via the username field during user creation.