Lucee - Cross-Site Scripting

By kannthu

High
Vidoc Module
#lucee #xss #unauth
Description

What is "Lucee - Cross-Site Scripting"?

The "Lucee - Cross-Site Scripting" module is designed to detect a cross-site scripting vulnerability in the Lucee software. Lucee is a server-side scripting language that allows developers to create dynamic web applications. This module focuses on identifying and reporting instances where Lucee allows remote attackers to inject arbitrary JavaScript into the server's responses. The severity of this vulnerability is classified as high, with a CVSS score of 7.2.

Impact

If exploited, the cross-site scripting vulnerability in Lucee can enable attackers to execute malicious scripts on the affected web application. This can lead to various security risks, including unauthorized access, data theft, and the potential for further compromise of user accounts or sensitive information.

How does the module work?

The "Lucee - Cross-Site Scripting" module operates by sending HTTP requests to specific paths within the Lucee application. It then analyzes the responses received from the server, looking for specific patterns or conditions that indicate the presence of a cross-site scripting vulnerability.

One example of a request sent by this module is:

GET /lucees3ezf%3cimg%20src%3da%20onerror%3dalert('{%randTextAlphanumeric(10)%}')%3elujb7/admin/imgProcess.cfm

The module includes matching conditions that check the response body for the presence of certain words or phrases, such as "<img src=a onerror=alert('{{randstr}}')>", "MissingIncludeException", and "lucee-err". If any of these conditions are met, the module will report a potential cross-site scripting vulnerability.
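
The matching step described above, as an added example (not the module's own code): it evaluates the three listed words against two constructed response bodies under both "any" and "all" semantics, and separates a raw reflection from an HTML-escaped one. The sample error-page markup, the token value and all function names are assumptions made for illustration.

```python
import html

# Words the module description lists as matching conditions; {token} stands in
# for the template's {{randstr}} placeholder.
WORDS = ("<img src=a onerror=alert('{token}')>", "MissingIncludeException", "lucee-err")


def matched_words(body, token):
    """Return the listed words (token filled in) that occur in the body."""
    return [w for w in (t.format(token=token) for t in WORDS) if w in body]


def is_match(body, token, condition="or"):
    """'or' = any word present (as described above); 'and' = all words present."""
    hits = matched_words(body, token)
    return len(hits) == len(WORDS) if condition == "and" else bool(hits)


def reflection_state(body, token):
    """Tell an unescaped reflection of the markup from an HTML-escaped one."""
    raw = WORDS[0].format(token=token)
    if raw in body:
        return "raw"
    if html.escape(raw) in body or html.escape(raw, quote=False) in body:
        return "escaped"
    return "absent"


def error_page(reflected_path):
    """Constructed stand-in for an error page; not real Lucee output."""
    return ('<div class="lucee-err">MissingIncludeException: '
            f"{reflected_path} not found</div>")


# Constructed sample data: a fixed token and the decoded request path.
TOKEN = "a1B2c3D4e5"
PATH = f"/lucees3ezf<img src=a onerror=alert('{TOKEN}')>lujb7/admin/imgProcess.cfm"
UNESCAPED = error_page(PATH)             # path echoed back verbatim
ESCAPED = error_page(html.escape(PATH))  # path echoed back HTML-encoded

if __name__ == "__main__":
    for name, body in (("unescaped", UNESCAPED), ("escaped", ESCAPED)):
        print(name, matched_words(body, TOKEN),
              "or:", is_match(body, TOKEN, "or"),
              "and:", is_match(body, TOKEN, "and"),
              "reflection:", reflection_state(body, TOKEN))
```

Under "any" semantics the escaped page still matches because of the two error markers, so a reported hit is worth confirming with a raw-versus-escaped check before treating it as a real finding.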

For more information, please refer to the original author of this module.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /lucees3ezf%3cimg%20... /lucee/lucees3ezf%3c...
Matching conditions
word: <img src=a onerror=alert('{{randstr}}')>...
Passive global matcher
No matching conditions.
On match action
Report vulnerability