By kannthu
The "SquirrelMail Virtual Keyboard <=0.9.1 - Cross-Site Scripting" module is designed to detect a cross-site scripting vulnerability in the SquirrelMail Virtual Keyboard plugin version 0.9.1 and earlier. This plugin allows users to input text using a virtual keyboard. The severity of this vulnerability is classified as medium.
A cross-site scripting vulnerability allows attackers to inject malicious scripts into web pages viewed by other users. In the case of the SquirrelMail Virtual Keyboard plugin, this vulnerability could be exploited to execute arbitrary code or steal sensitive information from users.
The module sends an HTTP GET request to the vulnerable endpoint: /plugins/vkeyboard/vkeyboard.php?passformname=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E. It then applies several matching conditions to determine if the vulnerability is present:
- The response must contain the string </script><script>alert(document.domain)</script>.
- The response header must contain the string text/html.
If all the matching conditions are met, the module reports the vulnerability.
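The matching logic described above, as an added example that is not the module's own code: it evaluates both conditions against constructed sample responses and shows why an HTML-encoded reflection or a non-HTML content type does not produce a finding. The `Response` class, the function names, the sample bodies, the choice to look for the string in the response body, and the case-insensitive header comparison are assumptions made for illustration.

```python
from dataclasses import dataclass

# Probe value from the page (URL-decoded form of the passformname parameter).
PROBE = "</script><script>alert(document.domain)</script>"

@dataclass
class Response:
    headers: dict  # header name -> value
    body: str

def header_contains(resp, needle):
    """True if any header line contains needle (case-insensitive, an assumption)."""
    needle = needle.lower()
    return any(needle in f"{k}: {v}".lower() for k, v in resp.headers.items())

def evaluate(resp):
    """Return (matched, per-condition results); every condition must hold."""
    checks = {
        # The probe must come back byte-for-byte, i.e. without HTML encoding.
        "probe_reflected_unencoded": PROBE in resp.body,
        # A browser only parses the reflection as markup in an HTML response.
        "content_type_html": header_contains(resp, "text/html"),
    }
    return all(checks.values()), checks

# Constructed sample responses (not captured from a real server).
SAMPLES = {
    "reflected_raw_html": Response(
        {"Content-Type": "text/html; charset=utf-8"},
        f"<script>var f = document.{PROBE};</script>"),
    "reflected_but_encoded": Response(
        {"Content-Type": "text/html"},
        "<script>var f = document.&lt;/script&gt;&lt;script&gt;"
        "alert(document.domain)&lt;/script&gt;;</script>"),
    "reflected_as_plain_text": Response(
        {"Content-Type": "text/plain"}, f"unknown form {PROBE}"),
}

def run_samples():
    """Evaluate every constructed sample and return name -> matched."""
    return {name: evaluate(r)[0] for name, r in SAMPLES.items()}

if __name__ == "__main__":
    for name, r in SAMPLES.items():
        matched, checks = evaluate(r)
        print(f"{name:26} matched={matched} {checks}")
```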
Author: dhiyaneshDk
CWE-ID: CWE-80
CVSS-Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVSS-Score: 5.4