Read Time:24 Second

Posted by Andrey Stoykov on Mar 24

# Exploit Title: Stored XSS via Send Message Functionality –
dolphin.prov7.4.2
# Date: 03/2025
# Exploit Author: Andrey Stoykov
# Version: 7.4.2
# Date: 03/2025
# Tested on: Debian 12
# Blog:
https://msecureltd.blogspot.com/2025/03/friday-fun-pentest-series-20-stored-xss.html

Stored XSS via Send Message Functionality:

Steps to Reproduce:

1. Login and visit “http://192.168.58.170/dolphinCMS/mail.php?mode=compose"
2. Add…

Read More

More Stories

cri-tools1.29-1.29.0-11.fc41

FEDORA-2025-37c6639afe Packages in this update: cri-tools1.29-1.29.0-11.fc41 Update description: Resolve FTBFS Resolves: rhbz#2352149 Adopt trivy for license detection to be consistent...

cri-tools1.29-1.29.0-11.fc42

FEDORA-2025-adae8279e3 Packages in this update: cri-tools1.29-1.29.0-11.fc42 Update description: Resolve FTBFS Resolves: rhbz#2352149 Adopt trivy for license detection to be consistent...

cri-tools1.29-1.29.0-11.fc43

FEDORA-2025-5dbc7adb84 Packages in this update: cri-tools1.29-1.29.0-11.fc43 Update description: Automatic update for cri-tools1.29-1.29.0-11.fc43. Changelog * Sat Mar 29 2025 Bradley G...