Description
- It was noted that the application lacked password change functionality
Lack of Password Change Functionality #1
- Log in as a low-privilege user and see that there is no password change functionality
Description
- It was noted that the application was vulnerable to Open Redirect in the "Login Page"
Open Redirect "Login Page" Functionality #1
Description
- It was noted that the application was vulnerable to Cross-Site Scripting (XSS) in the "Edit General Info"
Stored XSS "Edit General Info" #1
Steps to Reproduce
Description
- It was noted that the application was vulnerable to Cross-Site Scripting (XSS) in the "Create Page".
Stored XSS "Create Page" #1
Description
- It was noted that the application was vulnerable to Stored Cross-Site Scripting (XSS) in the "Edit Header"
Stored XSS "Edit Header" #1
Steps to Reproduce:
// HTTP Response
Description
- It was noted that the application was vulnerable to Directory Traversal in the "Site Title"
Description
- It was noted that the application was vulnerable to Stored XSS via SVG file upload
XSS via SVG File Upload #1: