Stored XSS Vulnerability in MiniCMS V1.10 Allows Cookie Theft via mc-admin/conf.php Comment Box

Stored XSS Vulnerability in MiniCMS V1.10 Allows Cookie Theft via mc-admin/conf.php Comment Box

CVE-2019-13341 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

In MiniCMS V1.10, stored XSS was found in mc-admin/conf.php (comment box), which can be used to get a user's cookie.

Learn more about our Cms Pen Testing.