Minimum requirements: Docker & Git working.
You can pull the image from DockerHub or:
- docker on
$ git clone https://github.com/dnr6419/CVE-2021-45416.git
$ cd CVE-2021-45416
$ docker-compose up -d- Visit the URL and Install the Database
http://YOURIP:80/InstallDatabase.php
-
Than, Go to the [http://YOURIP:80/InstallDatabase.php]
-
Default admin/password is "admin/admin"
-
Go to the Scheduling -> Student Schedule
- Course Choose and click the search
- Input the XSS payload
- You can See the alert
https://github.com/86x/CVE-2021-45416
https://github.com/francoisjacquet/docker-rosariosis