CVE-2022-30777 PoC — Parallels H-Sphere 跨站脚本漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-30777.yaml

Associated Vulnerability

Title:Parallels H-Sphere 跨站脚本漏洞 (CVE-2022-30777)
Description:Parallels H-Sphere是美国Parallels公司的一个网络托管自动化控制面板。用于共享网络托管服务。 Parallels H-Sphere 3.6.2 版本存在安全漏洞，该漏洞源于通过 index_en.php 的 from 参数可以进行跨站脚本注入。

Description

Parallels H-Sphere 3.6.1713 contains a cross-site scripting vulnerability via the index_en.php 'from' parameter.

File Snapshot


 id: CVE-2022-30777

info:
  name: Parallels H-Sphere 3.6.1713 - Cross-Site Scripting
  author: 3th1c

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!