• Stored Xss in OnePageCrm


    Aslam-O-Alaikum,

    Friends,Hope You all are Fine.Today i am Going to Share the PoC of Stored Xss i Recently Founded in
    OnepageCrm.

    OnepageCrm:

    OnePageCRM is a simple online sales CRM for small business. Focus on your Next Action to easily convert leads into customers and grow your business.

    Summary Of Report
  • Submitted: 2016-11-20 15:33:41 UTC
  • State changed to resolved :2016-11-29 13:00:26 UTC
    • While Testing OnePageCrm I Oberved that Signup Field(Address Field) 
    Is Vulnerable to Xss so i try That and it Popup with my happiness.

    1.Signup with Contact Name in Address Field Below:-
    <script>alert(1);</script>
    2.Login with account
    3.Xss Executed

    Thanks,
    ABDULWAHAB,
    Independent Cyber Security Researcher,


    0 comments:

    Post a Comment

    Powered by Blogger.