This exploit demonstrates insecure cookie handling in WikiWebHelp v0.3.3, allowing an attacker to inject JavaScript to set arbitrary cookies, including admin privileges. The PoC uses browser-based JavaScript injection to manipulate session cookies.
Classification
Working Poc 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target:WikiWebHelp v0.3.3
No auth needed
Prerequisites:Victim must execute the provided JavaScript in their browser