Plataforma
php
Componente
cve_hub
Corrigido em
1.0.1
CVE-2023-5697 is a problematic cross-site scripting (XSS) vulnerability affecting CodeAstro Internet Banking System versions 1.0 through 1.0. This flaw allows attackers to inject malicious scripts into the application, potentially compromising user accounts and sensitive data. A fix is available in version 1.0.1, and the vulnerability details have been publicly disclosed.
The vulnerability lies within the pageswithdrawmoney.php file, specifically in how it handles the accountnumber parameter. An attacker can craft a malicious URL containing a specially crafted accountnumber value (e.g., 287359614--><ScRiPt>alert(1234)</ScRiPt><!--) that, when processed by the application, will execute arbitrary JavaScript code in the user's browser. This could lead to session hijacking, redirection to phishing sites, or the theft of sensitive information like login credentials and financial details. The impact is particularly severe given the context of an internet banking system, where users entrust sensitive financial data.
This vulnerability has been publicly disclosed, increasing the likelihood of exploitation. While the CVSS score is LOW, the potential impact on users of an internet banking system is significant. No KEV listing or active exploitation campaigns are currently known, but the public disclosure makes it a priority for remediation. The vulnerability was published on 2023-10-22.
Users of CodeAstro Internet Banking System versions 1.0 through 1.0 are at risk. This includes individuals and businesses relying on this system for online banking transactions. Shared hosting environments where multiple websites share the same server resources are particularly vulnerable, as a compromise of one website could potentially affect others.
• php: Examine the pageswithdrawmoney.php file for unsanitized use of the account_number parameter. Search for instances where user input is directly outputted to the HTML without proper encoding.
// Example of vulnerable code
<?php
echo $_GET['account_number']; // Vulnerable to XSS
?>• generic web: Monitor access logs for requests containing suspicious characters in the account_number parameter, such as <script> tags or event handlers.
grep '<script' /var/log/apache2/access.log• generic web: Check response headers for the presence of X-XSS-Protection or Content-Security-Policy headers, which can help mitigate XSS attacks.
disclosure
Status do Exploit
EPSS
0.07% (percentil 22%)
CISA SSVC
Vetor CVSS
The primary mitigation is to upgrade to version 1.0.1 of CodeAstro Internet Banking System, which contains the fix for this vulnerability. If upgrading immediately is not possible, consider implementing input validation and sanitization on the accountnumber parameter to prevent the injection of malicious scripts. Web application firewalls (WAFs) configured to detect and block XSS payloads can provide an additional layer of defense. Monitor application logs for suspicious activity, particularly requests containing unusual characters or patterns in the accountnumber parameter.
Actualizar a una versión parcheada del sistema Internet Banking System de CodeAstro. Contacte al proveedor para obtener la versión corregida o aplique las medidas de seguridad necesarias para evitar la inyección de código XSS en el campo account_number del archivo pages_withdraw_money.php. Valide y escape las entradas del usuario para prevenir la ejecución de scripts maliciosos.
Análise de vulnerabilidades e alertas críticos diretamente no seu e-mail.
CVE-2023-5697 is a cross-site scripting (XSS) vulnerability in CodeAstro Internet Banking System versions 1.0-1.0, allowing attackers to inject malicious scripts.
Yes, if you are using CodeAstro Internet Banking System version 1.0 or 1.0, you are potentially affected by this vulnerability.
Upgrade to version 1.0.1 of CodeAstro Internet Banking System to remediate the vulnerability. Implement input validation and WAF rules as temporary measures.
While no active exploitation campaigns are currently known, the vulnerability has been publicly disclosed, increasing the risk of exploitation.
Refer to CodeAstro's official website or security advisory channels for the latest information and updates regarding CVE-2023-5697.
Envie seu arquivo de dependências e descubra na hora se esta e outras CVEs te atingem.