Assigned my First CVE-2020-28726!!
In this blog post, I’ll be sharing how I was assigned my CVE :)
I was reading a blog post by Nimit Jain about his findings on an open-source software called “SeedDMS”, and he inspired me to take a look at this software and see if I could find some bugs and get myself a CVE. So, this blog post is about the first finding, which was initially an HTML Injection but which I then converted into an Open Redirect.
What is SeedDMS?
SeedDMS is a free document management system with an easy-to-use web-based user interface for small and medium-sized enterprises.
SeedDMS has a demo portal, which saved me the time of installing it on my local machine. So I fired up my machine, turned on the proxy, and started using SeedDMS as a normal user.
I interacted with a couple of functionalities while monitoring all the requests in my Burp Suite’s Flow extension, which is a really good extension for monitoring the URLs going through your Burp proxy. Coming back to the topic