CVE-2022-46889
Published 2023-01-19
Priority: P3 38
CVSS 3.1: 5.4 (Medium)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS: 60.11% (99.0th percentile)
A persistent cross-site scripting (XSS) vulnerability in NexusPHP before 1.7.33 allows remote authenticated attackers to permanently inject arbitrary web script or HTML via the title parameter used in /subtitles.php.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nexusphp | nexusphp | < 1.7.33 | 1.7.33 |
Detection & IOCs (extracted from sources)
- Monitor POST/GET requests to /subtitles.php for script or HTML injection payloads within the 'title' parameter, indicating exploitation of the persistent XSS vulnerability.
- Exploitation requires the attacker to be a remote authenticated user; unauthenticated access alone is insufficient to trigger the persistent XSS.
- The vulnerability affects NexusPHP versions before 1.7.33; instances running 1.7.33 or later are not affected.
No detection rules found.
No public exploits indexed.
References
- https://github.com/xiaomlove/nexusphp/releases/tag/v1.7.33
- https://www.surecloud.com/resources/blog/nexusphp-surecloud-security-review-identifies-authenticated-unauthenticated-vulnerabilities