daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/http/cves/2019/CVE-2019-10092.yaml

49 lines
2.3 KiB
YAML
Raw Permalink Blame History

id: CVE-2019-10092
info:
name: Apache HTTP Server <=2.4.39 - HTML Injection/Partial Cross-Site Scripting
author: pdteam
severity: medium
description: Apache HTTP Server versions 2.4.0 through 2.4.39 are vulnerable to a limited cross-site scripting issue affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed.
impact: |
Successful exploitation of this vulnerability could allow an attacker to inject malicious HTML code or execute arbitrary JavaScript code in the context of the victim's browser, potentially leading to session hijacking, defacement, or theft of sensitive information.
remediation: |
Upgrade to Apache HTTP Server version 2.4.40 or later, which includes a fix for this vulnerability.
reference:
- https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-10092-Limited%20Cross-Site%20Scripting%20in%20mod_proxy%20Error%20Page-Apache%20httpd
- https://httpd.apache.org/security/vulnerabilities_24.html
- https://lists.debian.org/debian-lts-announce/2019/09/msg00034.html
- https://nvd.nist.gov/vuln/detail/CVE-2019-10092
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00004.html
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2019-10092
cwe-id: CWE-79
epss-score: 0.07116
epss-percentile: 0.93987
cpe: cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: apache
product: http_server
shodan-query:
- cpe:"cpe:2.3:a:apache:http_server"
- apache 2.4.49
tags: cve,cve2019,apache,htmli,injection
http:
- method: GET
path:
- '{{BaseURL}}/%5cgoogle.com/evil.html'
matchers-condition: and
matchers:
- type: word
words:
- "Proxy Error"
- type: word
words:
- "<a href=\"/\\google.com/evil.html\">"
# digest: 4a0a00473045022072c4826cd93a9111207ae811668847ecafb672d460ab75da913839db52759d3a02210096186268e2258437dea75106458c0cde8dc7812605c5a6bf5729e59d3915a269:922c64590222798bb761d5b6d8e72950
Reference in New Issue View Git Blame Copy Permalink