top of page
Sentence 19
A stored cross site scripting (XSS) vulnerability in the /admin/user/team component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter.
Actual
-
Exploit mechanism: cross site scripting (XSS), crafted payload
-
Exploit objective: execute arbitrary web scripts or HTML
-
Attack pathway: authenticated attackers
Predicted
-
Exploit mechanism: stored cross site scripting (XSS)
-
Exploit objective: execute arbitrary web scripts or HTML
-
Attack pathway: authenticated attackers
bottom of page