CVE-2019-10685 PoC — Heidelberg Prinect Archive System Cross-Site Scripting Vulnerability

Source
Associated Vulnerability
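Title: Heidelberg Prinect Archive System Cross-Site Scripting Vulnerability (CVE-2019-10685)
Description: Heidelberg Prinect Archiver is a document printing and archiving system. A cross-site scripting vulnerability exists in Prinect Archive System 2015 release 2.6. The vulnerability stems from the web application's lack of proper validation of client-side data. An attacker can exploit this vulnerability to execute client-side code.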
Description
A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Print Archive System v2015 release 2.6
Readme
# CVE-2019-10685
The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the "TextField" parameter.

Exploit-DB publication at https://www.exploit-db.com/exploits/46804 <br>
PacketStorm publication at https://packetstormsecurity.com/files/152727/Prinect-Archive-System-2015-Release-2.6-Cross-Site-Scripting.html <br>
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10685
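
The flaw described above, reflection of the "TextField" parameter into inline JavaScript, shown as an added example beside a hardened encoder. This is not the vendor's code or the PoC from the repository: the page template, the variable name `query` and the probe string are assumptions constructed for illustration.

```javascript
// Added example: a hypothetical page template, not Prinect Archive System code.

// Vulnerable pattern: the parameter is concatenated into a JS string literal.
function renderVulnerable(textField) {
  return '<script>var query = "' + textField + '";</script>';
}

// Encode a value as a JS string literal that is safe inside an inline <script>.
// JSON.stringify escapes quotes, backslashes and control characters; the extra
// replacements keep the HTML parser from seeing "</script>" or "<!--" in the
// data, and cover U+2028/U+2029, which JSON.stringify leaves raw.
function toInlineJsString(value) {
  return JSON.stringify(String(value))
    .replace(/</g, '\\u003c')
    .replace(/>/g, '\\u003e')
    .replace(/&/g, '\\u0026')
    .replace(/\u2028/g, '\\u2028')
    .replace(/\u2029/g, '\\u2029');
}

// Hardened pattern: same template, but the value goes through the encoder.
function renderHardened(textField) {
  return '<script>var query = ' + toInlineJsString(textField) + ';</script>';
}

// Script body as the HTML parser sees it: everything up to the first "</script".
function scriptBody(html) {
  const start = html.indexOf('<script>') + '<script>'.length;
  const end = html.toLowerCase().indexOf('</script', start);
  return html.slice(start, end);
}

// Returns the string assigned to `query`, or null when the script body is no
// longer exactly one string-literal assignment (the input changed the code).
function recoveredValue(html) {
  const m = /^var query = ("(?:[^"\\]|\\.)*");$/.exec(scriptBody(html));
  return m ? JSON.parse(m[1]) : null;
}

// Constructed probe: a quote and a closing tag, the two characters sequences
// that alter structure in this context. It carries no script of its own.
const PROBE = 'a"b</script>c';
console.log(recoveredValue(renderVulnerable(PROBE))); // structure broken
console.log(recoveredValue(renderHardened(PROBE)));   // value round-trips as data
```

HTML entity encoding alone does not fix this context, because the browser does not decode entities inside a `<script>` element; the value has to be encoded for JavaScript.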

# Timeline
2019-02-04: Discovered <br>
2019-02-25: Retest PRO environment <br>
2019-03-25: Retest on researcher's ecosystem <br>
2019-04-02: Vendor notification <br>
2019-04-03: Vendor feedback received <br>
2019-04-08: Reminder sent <br>
2019-04-08: 2nd reminder sent <br>
2019-04-11: Internal communication <br>
2019-04-26: No more feedback received from the vendor <br>
2019-04-30: New issues found <br>
2019-05-06: Public Disclosure <br>

# Heidelberg (Print Archive System v2015 release 2.6 Product) Patch and credits: 
https://www.heidelberg.com

![3_poc](https://user-images.githubusercontent.com/3140111/57228123-58eb0e80-7013-11e9-9022-918aaa26e8ea.png)

# Author
Alex Hernandez aka <em><a href="https://twitter.com/_alt3kx_" rel="nofollow">(@\_alt3kx\_)</a></em><br>

My current exploit list @exploit-db: <br>
https://www.exploit-db.com/author/?a=1074 <br>
https://www.exploit-db.com/author/?a=9576 <br>

CVE-2019-10685 with sexy screens here: https://medium.com/@alt3kx
File Snapshot

[4.0K] /data/pocs/accf49afa691f5e0020b8a2ca5dbb2734296837e
├── [3.4K] CVE-2019-10685.txt
├── [ 34K] LICENSE
└── [1.4K] README.md

0 directories, 3 files