CVE-2023-3479 PoC — HestiaCP 跨站脚本漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-3479.yaml

Associated Vulnerability

Title:HestiaCP 跨站脚本漏洞 (CVE-2023-3479)
Description:HestiaCP是一个适用于现代网络的轻量级且功能强大的控制面板。 HestiaCP 1.7.8之前版本存在跨站脚本漏洞，该漏洞源于容易受到反射型跨站脚本(XSS)攻击。

Description

Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.7.8.

File Snapshot


 id: CVE-2023-3479

info:
  name: Hestiacp <= 1.7.7 - Cross-Site Scripting
  author: edoardottt
  sev

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.