PMB v7.4.1 - Cross Site Scripting

What is "PMB v7.4.1 - Cross Site Scripting?"

The "PMB v7.4.1 - Cross Site Scripting" module is designed to detect a cross-site scripting vulnerability in the PMB CMS (Content Management System). This vulnerability allows an attacker to inject arbitrary malicious HTML or JavaScript code into a user's web browser. The severity of this vulnerability is classified as medium, with a CVSS score of 5.4.

This module was authored by r3Y3r53.

Impact

If successfully exploited, this vulnerability can lead to various consequences, including:

- Execution of arbitrary code in the user's browser - Theft of sensitive information - Session hijacking - Defacement of the affected website

How the module works?

The "PMB v7.4.1 - Cross Site Scripting" module works by sending a specific HTTP request to the target PMB CMS installation. The request is designed to exploit the vulnerability by injecting malicious code into the "no_search" parameter. The module then analyzes the response to determine if the injection was successful.

Matching conditions used by this module include:

- Checking if the response body contains the injected script tag: <script>alert(1337)</script> - Checking if the response body contains specific keywords like "PMB Group" or "pmbDojo" - Checking if the response header indicates a content type of "text/html" - Checking if the response status code is 200 (OK)

If all of these conditions are met, the module reports a vulnerability.

For more information, you can refer to the GitHub repository.