By kannthu
The "Adobe Experience Manager - Cross-Site Scripting" module is designed to detect a cross-site scripting vulnerability in Adobe Experience Manager (AEM). AEM is a content management system that allows users to create, manage, and deliver digital experiences across various channels.
This module focuses on identifying and reporting instances of cross-site scripting (XSS) vulnerabilities in AEM. XSS vulnerabilities can allow attackers to inject malicious scripts into web pages viewed by other users, potentially leading to unauthorized access, data theft, or other security breaches.
This module has a severity level of high, indicating the potential for significant security risks if the vulnerability is exploited.
Author: zinminphy0, dhiyaneshDK
If the "Adobe Experience Manager - Cross-Site Scripting" vulnerability is successfully exploited, it could allow attackers to execute arbitrary scripts within the context of the affected AEM application. This can lead to various consequences, including:
- Unauthorized access to sensitive information
- Data manipulation or theft
- Session hijacking
- Phishing attacks
- Defacement of web pages
The "Adobe Experience Manager - Cross-Site Scripting" module works by sending specific HTTP requests to the target AEM application and analyzing the responses for signs of the XSS vulnerability. It uses the following matching conditions to identify potential vulnerabilities:
- Matcher 1: Checks if the response contains the string "<svg/onload=confirm(document.domain);>" or "A JSONObject text must begin with".
- Matcher 2: Verifies if the response status code is 400 (Bad Request).
If both matching conditions are met, the module reports the presence of the XSS vulnerability in the target AEM application.
Example HTTP request:
GET /crx/de/setPreferences.jsp;%0A.html?language=en&keymap=<svg/onload=confirm(document.domain);>//a
For more information, you can refer to the reference video.
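The request shape shown above can also be searched for in web access logs. The following is an added example, not part of the module or the original page: it flags log lines that reach the endpoint from the example request with a path-parameter suffix after `.jsp` or with markup characters in `keymap`. The log format, the sample lines and the function names are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

ENDPOINT = "/crx/de/setPreferences.jsp"  # path taken from the example request
# Assumes common/combined log format: ip ... "METHOD target HTTP/x" status ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) [^"]*"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})\b')
MARKUP = re.compile(r'[<>"\']')

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2024:10:00:00 +0000] "GET /crx/de/setPreferences.jsp;%0A.html?language=en&keymap=<svg/onload=confirm(document.domain);>//a HTTP/1.1" 400 512',
    '198.51.100.4 - - [01/Jan/2024:10:00:05 +0000] "GET /content/site/en.html HTTP/1.1" 200 10432',
    '198.51.100.9 - - [01/Jan/2024:10:00:09 +0000] "GET /crx/de/setPreferences.jsp?language=en&keymap=default HTTP/1.1" 200 64',
    '192.0.2.33 - - [01/Jan/2024:10:01:12 +0000] "GET /crx/de/setPreferences.jsp?keymap=%3Csvg/onload=confirm(document.domain);%3E//a HTTP/1.1" 400 498',
]

def inspect(line):
    """Return a finding dict if the request resembles the probe, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    url = urlsplit(m["target"])
    # Decode the path first so an encoded newline or ';' cannot hide the suffix.
    servlet, _, suffix = unquote(url.path).partition(";")
    if servlet != ENDPOINT:
        return None
    reasons = []
    if suffix:
        reasons.append("path-parameter suffix after .jsp")
    # parse_qs percent-decodes values, so encoded and raw markup both match.
    if any(MARKUP.search(v) for v in parse_qs(url.query).get("keymap", [])):
        reasons.append("markup characters in keymap")
    if not reasons:
        return None
    return {"ip": m["ip"], "status": int(m["status"]), "reasons": reasons}

def scan(lines):
    """Run inspect() over every line and keep only the findings."""
    return [f for f in map(inspect, lines) if f]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The `status` field allows correlation with Matcher 2; access logs do not record the response body, so a finding indicates a probe rather than confirmed reflection.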