cbcvebase.
CVE-2022-46889
published 2023-01-19


Priority: P3 (38)
Severity: medium, CVSS 3.1 base score 5.4
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS: 60.11% (99.0th percentile)
A persistent cross-site scripting (XSS) vulnerability in NexusPHP before 1.7.33 allows remote authenticated attackers to permanently inject arbitrary web script or HTML via the title parameter used in /subtitles.php.

Affected

1 range

Vendor     Product    Version range   Fixed in
nexusphp   nexusphp   < 1.7.33        1.7.33

Detection & IOCs (extracted from sources)

Path: /subtitles.php
  • Monitor POST/GET requests to /subtitles.php for script or HTML injection payloads in the 'title' parameter, which indicate exploitation of the persistent XSS vulnerability.
  • Exploitation requires the attacker to be a remote authenticated user; unauthenticated access alone is insufficient to trigger the persistent XSS.
  • The vulnerability affects NexusPHP versions before 1.7.33; instances running 1.7.33 or later are not affected.