This repository was archived by the owner on May 7, 2024. It is now read-only.
This repository was archived by the owner on May 7, 2024. It is now read-only.
CVE-2023-39791 #829
Description
I found an Stored XSS in Konga Dashboard v0.14.9. This type of XSS leads to account takeover admin accounts. I explained the details in the link below.
https://docs.google.com/document/d/1v7k1lYxIvMc6Jgxea1-blCJ2FV0XBl3z8hSrbfYaufk/edit?usp=sharing