# Exploit Title: Online Market Place Site v1.0 - Stored Cross-Site Scripting (XSS)  
# Exploit Author: Joe Pollock  
# Date: September 03, 2022  
# Vendor Homepage:  
# Software Link:  
# Tested on: Kali Linux, Apache, Mysql  
# CVE: CVE-2022-30003 (RESERVED)  
# Vendor: oretnom23  
# Version: v1.0  
# Exploit Description:  
# Online Market Place Site v1.0 suffers from an authenticated stored Cross-Site Scripting (XSS) vulnerability allowing attackers to register  
# as a Seller then create new products containing XSS payloads in the 'Product Title' and 'Short Description' fields.  
To reporduce:  
1. Sign as a Seller (or create an account) then add a product by navigating to 'Products' > 'Add New'.  
2. Add an XSS payload (e.g. <script>alert(1)</script>) within the 'Product Title' and/or 'Short Description' fields.  
3. Click 'SAVE' - the XSS payload(s) will be executed immediately or anytime the product is viewed.