Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1020 CNY

100%
Buy Us a Coffee

CVE-2017-7188 PoC — Zurmo 跨站脚本漏洞

Source
https://github.com/faizzaidi/Zurmo-Stable-3.1.1-XSS-By-Provensec-LLC
Associated Vulnerability
Title:Zurmo 跨站脚本漏洞 (CVE-2017-7188)
Description:Zurmo 3.1.1 Stable allows a Cross-Site Scripting (XSS) attack with a base64-encoded SCRIPT element within a data: URL in the returnUrl parameter to default/toggleCollapse.
Description
Zurmo-Stable-3.1.1 Cross Site Scripting (XSS) Assigned CVE Number:  CVE-2017-7188
Readme
# Zurmo-Stable-3.1.1-XSS-By-Provensec-LLC
Zurmo-Stable-3.1.1 Cross Site Scripting (XSS) Assigned CVE Number:  CVE-2017-7188
File Snapshot

 [4.0K]  /data/pocs/6251d73e72932425ee74888e0fadefd2a8427b40
├── [ 124]  README.md
└── [140K]  Zurmo-Stable-3.1.1-XSS-POC-by-Provensec-LLC.pdf

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →