Hesk Rtl CMS 1 Cross Site Scripting

====================================================================================================================================| # Title     : Hesk Rtl CMS v1 XSS Vulnerability                                                                                  || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 63.0.3 (32-bit)                                            || # Vendor    : https://p30vel.ir                                                                                                  || # Dork      : فارسی سازی توسط وحید مجیدی / اسکریپت دات کام                                                                       |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] This vulnerability affects : /Hesk/ajax.php. [+] Attack details :    URI was set to ;997612"():;991161    The input is reflected inside <script> tag between double quotesGreetings to :=========================================================================================================================jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr  |=======================================================================================================================================