There is a Stored XSS in Magicpin v2.1 in the User Registration section. Each time an admin visits the manage user section from the admin panel, the XSS triggers and the attacker can able to steal the cookie according to the crafted payload.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-04T16:47:59.919Z
Reserved: 2020-11-18T00:00:00
Link: CVE-2020-28927

No data.

Status : Modified
Published: 2020-11-23T20:15:12.900
Modified: 2024-11-21T05:23:18.740
Link: CVE-2020-28927

No data.