# Exploit Title: Seo Panel 4.8.0 - 'search_name' Reflected XSS
# Date: 21-03-2021
# Exploit Author: Piyush Patil
# Vendor Homepage:
# Version: Seo Panel 4.8.0
# Tested on: Windows 10 and Kali
# CVE : CVE-2021-28417

 A cross-site scripting (XSS) issue in the SEO admin login panel version 4.8.0 allows remote attackers to inject JavaScript via the "redirect" parameter.

-Payload used:

-Steps to reproduce:
1- Login to SEO admin panel
2- Add below line at the end:
3- Hover your mouse near to "CTR" field