cbcvebase.
CVE-2021-26723
published 2021-02-06

CVE-2021-26723: Jenzabar 9.2.x through 9.2.2 allows /ics?tool=search&query= XSS.

PriorityP344medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
EXPLOIT
EPSS
10.95%
95.3th percentile
Jenzabar 9.2.x through 9.2.2 allows /ics?tool=search&query= XSS.

Affected

1 ranges
VendorProductVersion rangeFixed in
jenzabarjenzabar9.2.0 – 9.2.2

Detection & IOCsextracted from sources · hover to see the quote

url/ics?tool=search&query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E
  • Look for reflected XSS payload in HTTP response body: the string `>alert(document.domain)` appearing unencoded in the HTML body of a 200 OK response to a GET request against /ics?tool=search&query=
  • Probe is a single GET request to /ics with parameters tool=search and a URL-encoded XSS payload in the query parameter; match on Content-Type: text/html header and HTTP 200 status code alongside the reflected payload in the body.
  • Response Content-Type must be text/html for the XSS to be exploitable; confirm this header is present alongside the reflected payload.
  • ·Vulnerability affects Jenzabar versions 9.2.x through 9.2.2 only; the XSS is reflected via the `query` parameter of the /ics endpoint.

CVSS provenance

nvdv3.16.1MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.