Share
## https://sploitus.com/exploit?id=WPEX-ID:8EBF56BE-46C0-4435-819F-DC30370EAFA4
As admin, Navigate to Setting >> Яндекс.Турбо >> Счетчики and enter a payload such as " onmouseover="alert(1) into all the six user input fields and submit the request.

You will observe that the payloads got successfully stored into the database and when you move the mouse cursor over these fields the JavaScript payloads get executed successfully and we get a pop-up.

Better payload (WPScanTeam): " style="animation-name:rotation" onanimationstart="alert(/XSS/)

The following fields are vulnerable to Stored Sross-Site Scripting :
Яндекс.Метрика
LiveInternet
Google Analytics
Рейтинг Mail.Ru
Rambler Топ-100
Mediascope (TNS)