Exploit for Feehi CMS 2.1.1 Cross Site Scripting CVE-2022-34140

Name: Exploit for Feehi CMS 2.1.1 Cross Site Scripting CVE-2022-34140
Rating: 5 (310 reviews)

2022-08-09 | CVSS -0.1

## https://sploitus.com/exploit?id=PACKETSTORM:168012
# Exploit Title: Feehi CMS 2.1.1 - Stored Cross-Site Scripting (XSS)  
# Date: 02-08-2022  
# Exploit Author: Shivam Singh  
# Vendor Homepage: https://feehi.com/  
# Software Link: https://github.com/liufee/cms  
#Profile Link: https://www.linkedin.com/in/shivam-singh-3906b0203/  
# Version: 2.1.1 (REQUIRED)  
# Tested on: Linux, Windows, Docker  
# CVE : CVE-2022-34140  
  
  
# Proof of Concept:  
1-Sing-up https://localhost.cms.feehi/  
2-Inject The XSS Payload in Username:  
"><script>alert(document.cookie)</script> fill all required fields and  
click the SignUp button  
3-Login to Your Account, Go to any article page then XSS will trigger.