Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Drupal Avatar Uploader - Cross-Site Scripting

By kannthu

High
Vidoc logoVidoc Module
#xss#drupal#edb#packetstorm
Description

What is the "Drupal Avatar Uploader - Cross-Site Scripting?" module?

The "Drupal Avatar Uploader - Cross-Site Scripting" module is a test case designed to detect a cross-site scripting vulnerability in the Drupal Avatar Uploader v7.x-1.0-beta8 plugin. This vulnerability affects the slider import search feature and tab parameter via plugin settings. The severity of this vulnerability is classified as high, with a CVSS score of 7.2.

This module was authored by bywalks.

Impact

A successful exploitation of the cross-site scripting vulnerability in the Drupal Avatar Uploader plugin could allow an attacker to inject malicious scripts into the website, potentially leading to unauthorized access, data theft, or other malicious activities.

How does the module work?

The "Drupal Avatar Uploader - Cross-Site Scripting" module performs a series of HTTP requests and matches the responses against specific conditions to determine if the vulnerability is present. One example of an HTTP request made by the module is:

GET /avatar_uploader.pages.inc?file=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E

The module then checks the response body, headers, and status code against the following conditions:

- The response body contains the HTML code <div><script>alert(document.domain)</script></div> - The response headers include the word "text/html" - The response status code is 200 (OK)

If all of these conditions are met, the module reports a vulnerability.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/avatar_uploader.pag...
Matching conditions
word: <div><script>alert(document.domain)</scr...and
word: text/htmland
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability