Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Mida eFramework - Cross-Site Scripting

By kannthu

Vidoc logoVidoc Module

What is the "Mida eFramework - Cross-Site Scripting?" module?

The "Mida eFramework - Cross-Site Scripting" module is designed to detect a cross-site scripting vulnerability in the Mida eFramework software. This vulnerability allows an attacker to execute arbitrary scripts in the browser of an unsuspecting user. The severity of this vulnerability is classified as high, with a CVSS score of 7.2.

This module was authored by pikpikcu.


If exploited, this cross-site scripting vulnerability can lead to various security risks, including unauthorized access to sensitive information, session hijacking, and the potential for further attacks on the affected system.

How does the module work?

The "Mida eFramework - Cross-Site Scripting" module works by sending a specific HTTP request to the target system. The request is designed to exploit the cross-site scripting vulnerability in the Mida eFramework software. The module then uses matching conditions to determine if the vulnerability is present.

For example, the module may send a POST request to the target system with specific payload parameters that contain malicious scripts. It then checks if the response status is 200 and if the response body contains the specific script payload. If both conditions are met, the module identifies the presence of the vulnerability.

It is important to note that this module is part of the Vidoc platform, which utilizes multiple modules to perform scanning and testing for various security issues.

Module preview

Concurrent Requests (1)
1. HTTP Request template
Raw request
Matching conditions
status: 200and
word: "><script>javascript:alert(document.cook...
Passive global matcher
No matching conditions.
On match action
Report vulnerability