hackerone Maskedpersian H1:2479161
History Apr 25, 2024 - 3:55 p.m.

U.S. Dept Of Defense: reflected xss [CVE-2020-3580]

2024-04-25 15:55:33
maskedpersian
hackerone.com
36
cross-site scripting
xss
cookie stealing
arbitrary requests
malware download
website defacement
bug bounty
u.s. dept of defense

CVSS3: 6.1 Medium
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: CHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AI Score: 5.9 Medium
Confidence: High

CVSS2: 2.6 Low
Access Vector
Access Complexity
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N

EPSS: 0.971 High
Percentile: 99.8%

Hey Security Team,
It was observed that the application is vulnerable to cross-site scripting (XSS). XSS is a type of attack that involves running malicious scripts in a victim’s browser.
Website: ███████ attached
When the user clicks submit, his information will be stolen.

Impact

Cookie Stealing - A malicious user can steal cookies and use them to gain access to the application.
Arbitrary requests - An attacker can use XSS to send requests that appear to be from the victim to the web server.
Malware download - XSS can prompt the user to download malware. Since the prompt looks like a legitimate request from the site, the user may be more likely to trust the request and actually install the malware.
Defacement - An attacker can deface the website using JavaScript code.

System Host(s)

███████

Affected Product(s) and Version(s)

CVE Numbers

Steps to Reproduce

payload attached

Suggested Mitigation/Remediation Actions
