The exploit demonstrates a reflected XSS vulnerability in Web TV v3 by injecting a script tag into the 'chn' parameter, which executes arbitrary JavaScript in the context of the affected site.
Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:Web TV v3
No auth needed
Prerequisites:User interaction required to click the malicious link