Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Gnuboard 5 - Cross-Site Scripting" module is designed to detect a cross-site scripting vulnerability in the Gnuboard 5 software. Gnuboard 5 is a popular content management system (CMS) used for creating and managing websites. This module focuses on a specific vulnerability related to the $_GET['LGD_OID'] parameter. The severity of this vulnerability is classified as medium, with a CVSS score of 5.4. The module was authored by arafatansari.
A cross-site scripting vulnerability allows attackers to inject malicious scripts into web pages viewed by other users. This can lead to various security risks, including unauthorized access to sensitive information, session hijacking, and the execution of arbitrary code on the victim's browser.
The "Gnuboard 5 - Cross-Site Scripting" module works by sending a specific HTTP request to the target website. The request path includes the vulnerable parameter, LGD_OID, which is injected with a malicious script. The module then checks for specific conditions to determine if the vulnerability is present:
- The response body must contain the string "LGD_OID = <script>alert(document.domain)</script>". - The response headers must include the "text/html" content type. - The response status code must be 200.If all of these conditions are met, the module reports the presence of the cross-site scripting vulnerability.
For example, the module sends the following HTTP request:
GET /mobile/shop/lg/mispwapurl.php?LGD_OID=%3Cscript%3Ealert(document.domain)%3C/script%3E
It then checks the response for the specified conditions to determine if the vulnerability exists.
For more information, you can refer to the Huntr website.