Skip to content

Commit

Permalink
Fix mistake in the BRLY-2023-012 exploitation steps section
Browse files Browse the repository at this point in the history
  • Loading branch information
@ivanovanton
ivanovanton committed Dec 4, 2024
1 parent 64ada4d commit 1712846
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion Supermicro/BRLY-2023-012.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ As a result, arbitrary JavaScript code can be injected into webpages, which will
## Steps for exploitation
The first step to exploit this vulnerability is to poison the user's `language` session cookie. This can be achieved using another vulnerability in the web server (with XSS, HTTP header injection, etc.), as well as through exploitation of other system components, for example, with a malware.
The first step to exploit this vulnerability is to poison the `lang` local storage item. This can be achieved using another vulnerability in the web server (e.g. with XSS), as well as through exploitation of other system components, for example, with a malware.
To create an administrator account with username `BRLY` and password `BRLYBRLY` an attacker can poison the `lang` local storage item of an authenticated user session with administrative privileges with the following payload:
Expand Down

0 comments on commit 1712846

Please sign in to comment.