Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "PMB v7.4.1 - Cross Site Scripting" module is designed to detect a cross-site scripting vulnerability in the PMB CMS (Content Management System). This vulnerability allows an attacker to inject arbitrary malicious HTML or JavaScript code into a user's web browser. The severity of this vulnerability is classified as medium, with a CVSS score of 5.4.
This module was authored by r3Y3r53.
If successfully exploited, this vulnerability can lead to various consequences, including:
- Execution of arbitrary code in the user's browser - Theft of sensitive information - Session hijacking - Defacement of the affected websiteThe "PMB v7.4.1 - Cross Site Scripting" module works by sending a specific HTTP request to the target PMB CMS installation. The request is designed to exploit the vulnerability by injecting malicious code into the "no_search" parameter. The module then analyzes the response to determine if the injection was successful.
Matching conditions used by this module include:
- Checking if the response body contains the injected script tag:<script>alert(1337)</script>
- Checking if the response body contains specific keywords like "PMB Group" or "pmbDojo"
- Checking if the response header indicates a content type of "text/html"
- Checking if the response status code is 200 (OK)
If all of these conditions are met, the module reports a vulnerability.
For more information, you can refer to the GitHub repository.