Tiki Wiki CMS Groupware 5.2 - Cross-Site Scripting

What is the "Tiki Wiki CMS Groupware 5.2 - Cross-Site Scripting?"

The "Tiki Wiki CMS Groupware 5.2 - Cross-Site Scripting" module is designed to detect a cross-site scripting vulnerability in Tiki Wiki CMS Groupware version 5.2. This module targets the Tiki Wiki CMS Groupware software and aims to identify instances where an attacker can inject malicious scripts into web pages viewed by other users. The severity of this vulnerability is classified as high, indicating the potential for significant impact on the affected system.

Impact

A successful exploitation of the cross-site scripting vulnerability in Tiki Wiki CMS Groupware 5.2 can allow an attacker to execute arbitrary scripts within the context of a user's browser. This can lead to various malicious activities, including stealing sensitive information, manipulating website content, or performing unauthorized actions on behalf of the user.

How the module works?

The module utilizes HTTP request templates and matching conditions to identify instances of the cross-site scripting vulnerability in Tiki Wiki CMS Groupware 5.2. It sends HTTP GET requests to the "/tiki-5.2/tiki-edit_wiki_section.php?type=%22%3E%3Cscript%3Ealert(31337)%3C/script%3E" endpoint, injecting a script that triggers an alert. The module then checks the response for specific conditions to confirm the presence of the vulnerability.

The matching conditions include:

- Response status code 200 - Presence of the script "" in the response body - Presence of the header "text/html" in the response header

If all the matching conditions are met, the module reports the vulnerability, indicating the presence of a cross-site scripting vulnerability in the targeted Tiki Wiki CMS Groupware 5.2 installation.