CVE-2023-37189 PoC — Issabel PBX 跨站脚本漏洞

Source

Associated Vulnerability

Readme

## Issabel-pbx 4.0.0-6 - Stored Cross Site Scripting ###

**Description:**
A stored cross site scripting (XSS) vulnerability in index.php?menu=billing_rates of Issabel PBX version 4.0.0-6 allows attackers to execute arbitrary code i.e JavaScripts or HTML code via a crafted payload entered into the Name or Prefix fields in the Create New Rate module.

**Vulnerable Product Version:**
issabel-pbx 4.0.0-6

**Date:**
07/07/2023

**CVE:** 
CVE-2023-37189

**CVE Author:**
Sahil Ojha

**Vendor Homepage:**
https://www.issabel.org/

**Software Link:** 
https://github.com/IssabelFoundation/issabelPBX

**Tested on:** 
Windows

**Steps to reproduce:**
1. Go to issabel PBX application and login with admin credentials.
 
2.	Navigate to  to the “Reports --> Billing --> Rates” section, input the XSS payload in the categories Prefix and Name field as shown in the image below.  

  ![HTML Render](https://github.com/sahiloj/CVE-2023-37189/blob/main/2.png)
  --              

3.	Click on the save button and the payload will be executed. Whenever the webpage is visited by any user the script executes in the victim’s browser and retrieves session cookies of the victim.
 
 ![HTML Render](https://github.com/sahiloj/CVE-2023-37189/blob/main/3.png)
 --
 ![HTML Render](https://github.com/sahiloj/CVE-2023-37189/blob/main/4.png)
 --

File Snapshot

 [4.0K]  /data/pocs/3d01d293bc31587f1ee16183def1e4ffc87d38bb
├── [ 85K]  2.png
├── [ 43K]  3.png
├── [ 11K]  4.png
└── [1.3K]  README.md

0 directories, 4 files

Remarks