.. / CVE-2019-12461

Exploit for WebPort 1.19.1 - Cross-Site Scripting (CVE-2019-12461)

Description:

Web Port 1.19.1 is vulnerable to cross-site scripting via the /log type parameter.

Nuclei Template

View the template here CVE-2019-12461.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2019/CVE-2019-12461.yaml
Copy

References:

https://webport.se/nedladdningar/
https://emreovunc.com/blog/en/WebPort-Reflected-XSS-02.png
https://nvd.nist.gov/vuln/detail/CVE-2019-12461
https://github.com/EmreOvunc/WebPort-v1.19.1-Reflected-XSS
https://github.com/EmreOvunc/WebPort-v1.19.1-Reflected-XSS/