G3WSuite

GIS3W: Persistent XSS in G3WSuite 3.5 – CVE-2023-29998

GIS3W: Persistent XSS in G3WSuite 3.5 – CVE-2023-29998

Overview

During an engagement on a client's public infrastructure, we detected an exposed installation of G3WSuite. Since we were asked to perform a black box pentest on the G3WSuite installation, we had to find a way to gather as much information about the target as possible. Luckily for us,...