id: dzzoffice-xss info: name: Dzzoffice 2.02.1_SC_UTF8 - Cross-Site Scripting author: arafatansari severity: medium description: | A XSS vulnerability was discovered in dzzoffice 2.02.1_SC_UTF8, There is a Reflected XSS attacks vulnerability which allows remote attackers to inject arbitrary web script or HTML via the zero parameter. reference: - https://github.com/zyx0814/dzzoffice/issues/183 metadata: verified: true shodan-query: http.html:"dzzoffice" tags: dzzoffice,xss requests: - raw: - | POST /index.php?mod=system&op=orgtree&do=orgtree HTTP/1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded; charset=UTF-8 id=%23&nouser=0&moderator=0&zero=&stype=0&range=0&showjob=0 matchers-condition: and matchers: - type: word words: - '"text":"' - type: word part: header words: - text/html - type: status status: - 200