Working exploit code for CVE-2019-17625
CVE-2019-17625 There is a stored XSS vulnerability in rambox 069 due to unsantized parameters in the name field when a user is adding a service Since rambox runs on NodeJS this allows for the use of OS commands to be injected into an <a> or <img> tag Note: This code has only been tested on MacOS and may need to be reconfigured for other operating