Metasploit 4.1.0 Web UI Cross Site Scripting vulnerability

0
55

Metasploit 4.1.0 Web UI Cross Site Scripting vulnerability

The Web UI in Metasploit version 4.1.0 suffers from a stored cross site scripting vulnerability discovered by “Stefan Schurtz”.

Technical Details
Login to Web UI -> Create New Project -> Project name -> ‘”</script><script>alert(document.cookie)</script>

Source: Metasploit 4.1.0 Web UI Cross Site Scripting vulnerability