CVE-2021-26723
Published 2021-02-06
CVE-2021-26723: Jenzabar 9.2.x through 9.2.2 allows /ics?tool=search&query= XSS.
Priority: P3 · 44 · medium · 6.1 (CVSS 3.1)
Vector: AV:N / AC:L / PR:N / UI:R / S:C / C:L / I:L / A:N
EXPLOIT
EPSS: 10.95% (95.3th percentile)
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenzabar | jenzabar | 9.2.0 – 9.2.2 | — |
Detection & IOCs (extracted from sources)
- Look for reflected XSS payload in HTTP response body: the string `>alert(document.domain)` appearing unencoded in the HTML body of a 200 OK response to a GET request against /ics?tool=search&query=
- Probe is a single GET request to /ics with parameters tool=search and a URL-encoded XSS payload in the query parameter; match on Content-Type: text/html header and HTTP 200 status code alongside the reflected payload in the body.
- Response Content-Type must be text/html for the XSS to be exploitable; confirm this header is present alongside the reflected payload.
- Vulnerability affects Jenzabar versions 9.2.x through 9.2.2 only; the XSS is reflected via the `query` parameter of the /ics endpoint.
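A log-side complement to the response checks above, added here as an example and not taken from the Nuclei template or any source this page indexes: it flags access-log requests to /ics with tool=search whose decoded `query` value carries HTML metacharacters. The log format, the function names, the case-insensitive path match and the sample lines are assumptions.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Request part of a common/combined access-log line: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')
# Characters that let a reflected value leave an HTML attribute or text node.
HTML_META = set('<>"')

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [08/Feb/2021:10:01:02 +0000] "GET /ics?tool=search&query=biology+101 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [08/Feb/2021:10:02:10 +0000] "GET /ics?tool=search&query=%22%3Ealert(1) HTTP/1.1" 200 5342',
    '203.0.113.9 - - [08/Feb/2021:10:02:30 +0000] "GET /ics?tool=calendar&query=%22%3Ex HTTP/1.1" 200 900',
    '198.51.100.4 - - [08/Feb/2021:10:03:00 +0000] "GET /ICS/?query=%2522%253Ealert(1)&tool=search HTTP/1.1" 200 5342',
]

def suspicious_query(line):
    """Return the decoded `query` value if the line is a search request to
    /ics whose query parameter contains HTML metacharacters, else None."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    # Assumption: the path is matched case-insensitively, trailing slash ignored.
    if url.path.rstrip("/").lower() != "/ics":
        return None
    params = parse_qs(url.query, keep_blank_values=True)  # percent-decodes once
    if "search" not in (v.lower() for v in params.get("tool", [])):
        return None
    for value in params.get("query", []):
        # The second decode catches double-encoded values.
        for candidate in (value, unquote(value)):
            if HTML_META & set(candidate):
                return candidate
    return None

def scan(lines):
    """Return (line_number, decoded_value) for every suspicious request."""
    hits = []
    for number, line in enumerate(lines, 1):
        value = suspicious_query(line)
        if value is not None:
            hits.append((number, value))
    return hits

if __name__ == "__main__":
    for number, value in scan(SAMPLE_LOG):
        print(f"line {number}: suspicious query value {value!r}")
```

A hit shows only that such a request was received; whether the value was reflected unencoded still depends on the response checks listed above.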
CVSS provenance
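| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| nvd | v2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |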
No detection rules found.
Exploit-DB
Jenzabar 9.2.2 - 'query' Reflected XSS.
exploitdb·2021-02-08
---
# Exploit Title: Jenzabar 9.2.2 - 'query' Reflected XSS.
# Date: 2021-02-06
# Exploit Author: y0ung_dst
# Vendor Homepage: https://jenzabar.com
# Version: Jenzabar — v9.2.0-v9.2.1-v9.2.2 (and maybe other versions)
# Tested on: Windows 10
# CVE : CVE-2021-26723
-Description:
A reflected cross-site scripting (XSS) vulnerability exists in Jenzabar v9.2.0 through 9.2.2. An attacker could inject web script or HTML via the query parameter (aka the Search Field). To exploit the vulnerability, someone must click the link.
-Payload used:
">alert(1)
-Example :
https://localhost/ics?tool=search&query=">alert(1)
-Steps to reproduce:
1. Open a website that uses Jenzabar v9.2.0 through 9.2.2.
2. In the Search Field, enter anything.
3. Edit the query by replacing t
Nuclei
Jenzabar 9.2x-9.2.2 - Cross-Site Scripting
nuclei·CVSS 6.1
CVE-2021-26723 [MEDIUM] Jenzabar 9.2x-9.2.2 - Cross-Site Scripting
Jenzabar 9.2.x through 9.2.2 contains a cross-site scripting vulnerability. It allows /ics?tool=search&query.
Template:
```yaml
id: CVE-2021-26723

info:
  name: Jenzabar 9.2x-9.2.2 - Cross-Site Scripting
  author: pikpikcu
  severity: medium
  description: Jenzabar 9.2.x through 9.2.2 contains a cross-site scripting vulnerability. It allows /ics?tool=search&query.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, leading to session hijacking, defacement, or theft of sensitive information.
  remediation: |
    Apply the latest security patch or upgrade to a non-vulnerable version of Jenzabar 9.2x-9.2.2.
  reference:
    - http://packetstormsecurity.com/files/161303/J
```
No writeups or analysis indexed.
References
- http://packetstormsecurity.com/files/161303/Jenzabar-9.2.2-Cross-Site-Scripting.html
- https://gist.github.com/Y0ung-DST/d1b6b65be6248b0ffc2b2f2120deb205
- https://jenzabar.com/blog
- https://y0ungdst.medium.com/xss-in-jenzabar-cve-2021-26723-a0749231328