Platform
php
Component
cves
Fixed in
1.0.1
CVE-2023-7135 is a problematic cross-site scripting (XSS) vulnerability discovered in Record Management System version 1.0. This vulnerability allows an attacker to inject malicious scripts into the application, potentially compromising user sessions and stealing sensitive information. The affected component is the 'offices.php' file within the 'main' directory, specifically the 'officename' parameter. A patch is available in version 1.0.1.
The primary impact of CVE-2023-7135 is the potential for cross-site scripting (XSS) attacks. An attacker can inject arbitrary JavaScript code into the Record Management System by manipulating the 'officename' parameter in the 'offices.php' file. This malicious script can then execute in the context of a user's browser, allowing the attacker to steal cookies, redirect users to phishing sites, or deface the application. The vulnerability is remotely exploitable, meaning an attacker does not need to be authenticated to exploit it. Given the public disclosure of this vulnerability, it is highly likely that attackers are actively scanning for and exploiting vulnerable instances.
This vulnerability has been publicly disclosed and a proof-of-concept (PoC) is likely available. The CVSS score of 2.4 indicates a LOW severity, but the ease of exploitation and potential impact on user data warrant immediate attention. The vulnerability is tracked by VDB-249138. Given the public disclosure, it is reasonable to assume that attackers are actively scanning for and exploiting vulnerable instances.
Organizations using Record Management System version 1.0 are at risk. Specifically, those with publicly accessible instances of the system or those that handle sensitive user data are particularly vulnerable. Shared hosting environments where multiple users share the same Record Management System instance are also at increased risk.
• generic web: Use curl to test the /main/offices.php endpoint with a crafted payload like officename="><script>alert(1)</script>. Check the response for the alert box.
curl 'http://your-record-management-system/main/offices.php?officename="><script>alert(1)</script>'
• generic web: Examine access and error logs for suspicious requests containing <script> tags or other XSS payloads targeting the officename parameter.
• generic web: Review response headers for any unusual content or redirects that might indicate XSS activity.
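The log review described above can be automated. The following is an added example, not code from the Record Management System or from the original advisory: it scans combined-format access log lines for requests to /main/offices.php whose officename value still carries markup after percent-decoding, including double-encoded forms. The log format, the sample lines and the matching heuristic are assumptions; access logs normally record only the query string, so values sent in a POST body will not appear.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote_plus

TARGET_PATH = "/main/offices.php"  # endpoint named in the advisory
PARAM = "officename"               # parameter named in the advisory
REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')
# Heuristic (assumption): markup delimiters, script URLs, inline event handlers.
SUSPICIOUS_RE = re.compile(r'[<>"]|javascript:|\bon\w+\s*=', re.IGNORECASE)

# Constructed sample lines using documentation IP ranges, not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Jan/2024:10:01:02 +0000] "GET /main/offices.php?officename=Registrar%27s+Office HTTP/1.1" 200 512',
    '203.0.113.9 - - [10/Jan/2024:10:02:11 +0000] "GET /main/offices.php?officename=%22%3E%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 530',
    '203.0.113.9 - - [10/Jan/2024:10:02:15 +0000] "GET /main/offices.php?officename=%2522%253E%253Cscript%253Ealert(1)%253C/script%253E HTTP/1.1" 200 530',
    '198.51.100.4 - - [10/Jan/2024:10:03:40 +0000] "GET /main/index.php?q=%3Cb%3E HTTP/1.1" 200 100',
]

def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding (e.g. %253C -> %3C -> <)."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_officename(log_line):
    """Return the decoded officename value if it looks like an XSS probe, else None."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return None
    url = urlsplit(match.group("target"))
    if url.path.lower() != TARGET_PATH:
        return None
    for raw in parse_qs(url.query, keep_blank_values=True).get(PARAM, []):
        value = fully_decode(raw)
        if SUSPICIOUS_RE.search(value):
            return value
    return None

def scan(lines):
    """Return (line_number, decoded_value) for every flagged line."""
    hits = []
    for number, line in enumerate(lines, start=1):
        value = suspicious_officename(line)
        if value is not None:
            hits.append((number, value))
    return hits

if __name__ == "__main__":
    for number, value in scan(SAMPLE_LOG):
        print(f"line {number}: officename={value!r}")
```

A hit shows that someone sent a probe, not that it executed; whether the value was reflected unescaped still has to be checked against the response or the installed version.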
disclosure
Exploit Status
EPSS
0.13% (percentile 33%)
CVSS Vector
The recommended mitigation for CVE-2023-7135 is to immediately upgrade to version 1.0.1 of the Record Management System. This version contains a fix for the XSS vulnerability. If upgrading is not immediately possible, consider implementing input validation and output encoding on the 'officename' parameter in 'offices.php' to sanitize user input. Web application firewalls (WAFs) configured to detect and block XSS payloads can also provide a temporary layer of protection. After upgrading, confirm the fix by attempting to inject a simple XSS payload (e.g., <script>alert(1)</script>) into the 'officename' parameter and verifying that the script does not execute.
Update to a patched version of the Record Management System. If no version is available, sanitize the input of the 'officename' parameter in the /main/offices.php file to prevent the execution of malicious JavaScript code. Escape or remove HTML and JavaScript tags before displaying the value on the page.
CVE-2023-7135 is a cross-site scripting (XSS) vulnerability in Record Management System version 1.0, allowing attackers to inject malicious scripts via the 'officename' parameter in 'offices.php'.
Yes, if you are using Record Management System version 1.0, you are affected by this vulnerability. Upgrade to version 1.0.1 to mitigate the risk.
The recommended fix is to upgrade to version 1.0.1. As a temporary workaround, implement input validation and output encoding on the 'officename' parameter.
Given the public disclosure and low CVSS score, it is likely that attackers are actively scanning for and exploiting vulnerable instances.
Refer to VDB-249138 for details on this vulnerability.