CVE-2020-17453 PoC — WSO2 Management Console 跨站脚本漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2020/CVE-2020-17453.yaml

Associated Vulnerability

Title:WSO2 Management Console 跨站脚本漏洞 (CVE-2020-17453)
Description:WSO2 Management Console是美国WSO2公司的一个应用软件。一个管理控制台。 WSO2 Management Console through 5.10 存在跨站脚本漏洞，该漏洞允许通过carbon admin login.jsp msgId参数进行XSS。

Description

WSO2 Management Console through 5.10 is susceptible to reflected cross-site scripting which can be exploited by tampering a request parameter in Management Console. This can be performed in both authenticated and unauthenticated requests.

File Snapshot


 id: CVE-2020-17453

info:
  name: WSO2 Carbon Management Console <=5.10 - Cross-Site Scripting
  aut

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!