Language Dropdown Menu Manipulation
Discription

Hello

It is possible to manipulate the Language Dropdown Menu and change it to anything the attacker wants.

Process of the Vulnerability:
1. Login
2. Go Miscellaneous -> Email & file templates
3. Add Template -> Change & Save and intercept the Request
4. Change the Language to anything you want

—-

Lets see 🙂

As you can see there are specific Languages nobody can select anything else.

Lets put HACKED inside it 🙂

The language is now HACKED lets see

AS you can see the language is now HACKED and it got accepted even if we have a Dropdown Menu
with specific Languages to choose from

Thank you for watching 🙂

Best regards
Ahmed HassanRead More

Back to Main

Subscribe for the latest news: