0c65b881ba
10 changes to exploits/shellcodes/ghdb Milesight Routers UR5X_ UR32L_ UR32_ UR35_ UR41 - Credential Leakage Through Unprotected System Logs and Weak Password Encryption WhatsUp Gold 2022 (22.1.0 Build 39) - XSS Clinic's Patient Management System 1.0 - Unauthenticated RCE Curfew e-Pass Management System 1.0 - FromDate SQL Injection GYM MS - GYM Management System - Cross Site Scripting (Stored) MISP 2.4.171 - Stored XSS TASKHUB-2.8.8 - XSS-Reflected Wordpress 'simple urls' Plugin < 115 - XSS
17 lines
No EOL
637 B
Text
17 lines
No EOL
637 B
Text
# Exploit Title: MISP 2.4.171 Stored XSS [CVE-2023-37307] (Authenticated)
|
|
# Date: 8th October 2023
|
|
# Exploit Author: Mücahit Çeri
|
|
# Vendor Homepage: https://www.circl.lu/
|
|
# Software Link: https://github.com/MISP/MISP
|
|
# Version: 2.4.171
|
|
# Tested on: Ubuntu 20.04
|
|
# CVE : CVE-2023-37307
|
|
|
|
# Exploit:
|
|
Logged in as low privileged account
|
|
|
|
1)Click on the "Galaxies" button in the top menu
|
|
2)Click "Add Cluster" in the left menu.
|
|
3)Enter the payload "</title><script>alert(1)</script>" in the Name parameter.
|
|
4)Other fields are filled randomly. Click on Submit button.
|
|
5)When the relevant cluster is displayed, we see that alert(1) is running |