[POC] [CVE-2023-39777]
[Summary]
I have discovered a Cross-Site Scripting (XSS) vulnerability in the latest vBulletin version, 6.0.0, which also impacts lower versions. The vulnerability allows an attacker to inject malicious scripts into the Admin Control Panel, potentially leading to unauthorized access, data theft, or further exploitation.
[Description]
The XSS vulnerability can be triggered when an authenticated user accesses the path `/admincp` and tries to log in to the Admin Control Panel. The vulnerability is due to inadequate input sanitization, allowing an attacker to inject malicious scripts that execute in the context of the targeted administrator's session and can be used to hijack the administrator's credentials.
[Steps to Reproduce]
1. Log in at /admincp in the vBulletin Admin Control Panel.
2. Through the 'url' parameter, it is possible to inject JS code that escapes the surrounding context, bypasses the whitespace filtering, and triggers the XSS.
[Malicious Payload]
Save the changes or perform a relevant action to trigger the execution of the injected script.
The malicious script executes, proving the existence of the XSS vulnerability.
[Affected Versions]
The vulnerability has been confirmed in vBulletin 6 Connect latest version 6.0.0. However, it is likely that the XSS issue also affects lower versions of the software.
[Impact]
An attacker exploiting this vulnerability could gain unauthorized access to the Admin Control Panel and potentially compromise the site's sensitive data, modify site content, and carry out other malicious actions using the administrator's privileges.
[Recommendation]
[*] I recommend the following steps to mitigate the XSS vulnerability:
1. Update the vBulletin software to the latest version (if available) to ensure the fix for this vulnerability is applied.
2. Implement proper input validation and output encoding to prevent XSS attacks in various sections of the Admin Control Panel.
3. Conduct a comprehensive security review to identify and address other potential security flaws in the software.
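The whitespace-filter bypass in step 2 and recommendation 2 above describe the same root cause: a blocklist that strips or searches for bad characters instead of an allowlist that rejects them, with no encoding at output. The following is an added example (not vBulletin's code; it assumes the `url` parameter is a post-login redirect target that is also echoed into the login form) showing the two defensive layers in PHP, the language vBulletin is written in.

```php
<?php
// Added example, not taken from vBulletin. Hardening a redirect parameter
// such as the admincp `url` value: (1) allowlist validation that rejects
// rather than strips unexpected characters, so tab/newline tricks cannot
// slip a scheme past the check; (2) output encoding for the HTML context.

function safe_redirect_path(?string $candidate, string $fallback = '/admincp/'): string
{
    if ($candidate === null || $candidate === '') {
        return $fallback;
    }
    // Strict allowlist: a single-slash-rooted relative path made only of
    // path/query characters. Anything else (scheme, "//host", quotes,
    // whitespace, control bytes, percent-encoding) is rejected outright.
    if (!preg_match('#^/(?!/)[A-Za-z0-9_\-./?=&]*$#', $candidate)) {
        return $fallback;
    }
    return $candidate;
}

function html_attr(string $value): string
{
    // Encode for an HTML attribute context; ENT_QUOTES covers ' and ".
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Constructed inputs for demonstration only.
$inputs = [
    '/admincp/index.php?do=home',        // accepted as-is
    'javascript:alert(1)',               // scheme: rejected
    "java\tscript:alert(1)",             // whitespace inside scheme: rejected
    '//evil.example/admincp',            // protocol-relative: rejected
    '/admincp/" onmouseover="alert(1)',  // quotes: rejected by allowlist
];

foreach ($inputs as $raw) {
    $safe = safe_redirect_path($raw);
    // Even the accepted value is encoded before being placed in markup.
    echo '<input type="hidden" name="url" value="' . html_attr($safe) . "\">\n";
}
```

Only the first input survives validation; every other line of output falls back to `/admincp/`, and the encoding step means that even a future loosening of the allowlist would not put raw quotes or angle brackets into the attribute.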
# Shout out to [TP Cyber Security]