Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-30213 PoC — Knowage 跨站脚本漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-30213.yaml
Associated Vulnerability
Title:Knowage 跨站脚本漏洞 (CVE-2021-30213)
Description:Knowage是意大利Knowage公司的一套用于在传统资源和大数据系统上进行现代业务分析的开源套件。 Knowage Suite 7.3版本存在跨站脚本漏洞。攻击者可以通过"targetService"参数将任意Web脚本注入。
Description
Knowage Suite 7.3 contains an unauthenticated reflected cross-site scripting vulnerability. An attacker can inject arbitrary web script in '/servlet/AdapterHTTP' via the 'targetService' parameter.
File Snapshot

 id: CVE-2021-30213

info:
  name: Knowage Suite 7.3 - Cross-Site Scripting
  author: alph4byt3
  sev

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.