[CVE-2022–42096]Backdrop-XSS-at-Posts

GrimTheRipper
Oct 31, 2022

--

Enter your username and password; the account must have admin privileges.

Select Content > add content > Post

Enter information into the form provided and Enter the XSS payload in the Body field. Choose “Raw HTML” Editor and Save.

The XSS payload will run immediately.

POC:

--

--

GrimTheRipper

You get the best out of others when you give the best of yourself