CVE-2023-38192
Published 2023-10-21
Priority P2 · 79 · medium · CVSS 3.1 base score 6.1
Vector: AV:N / AC:L / PR:N / UI:R / S:C / C:L / I:L / A:N
ITW exploit · VulnCheck KEV · Exploited in the wild
EPSS: 1.12% (62.0th percentile)
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows superadmincreate.php XSS via crafted incorrect passwords.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| superwebmailer | superwebmailer | — | — |
Detection & IOCs (extracted from sources)
- Detect XSS exploitation attempts by matching the reflected payload in the HTTP response body: look for the string 'Password" value="a">alert(document.domain);' alongside 'SuperWebMailer'.
- The target endpoint is superadmincreate.php; monitor POST requests to this path whose Password parameter contains HTML/JS injection characters (e.g., ">).
- The Shodan query 'title:"SuperWebMailer"' can be used to identify exposed SuperWebMailer instances for asset discovery.
- The vulnerability is specific to SuperWebMailer version 9.00.0.01710; other versions are not confirmed affected.
- The XSS is reflected via the Password field on the superadmin creation page; exploitation requires user interaction (UI:R) per the CVSS scoring.
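The request-side and response-side checks described in the first two bullets, together with the output-encoding fix, as an added Python example (not code from the page's sources, the advisory or the Nuclei project; the sample traffic, the /superwebmailer/ path prefix and the function names are constructed):

```python
import html
import re
from urllib.parse import parse_qs, urlsplit

# HTML/JS metacharacters that should never be echoed raw into an attribute value.
META = re.compile(r'[<>"\']')
TARGET = "superadmincreate.php"  # endpoint named in the IOC list above

def is_suspicious_request(method, path, body):
    """Request-side check: POST to superadmincreate.php whose Password
    parameter carries HTML/JS metacharacters (the IOC pattern above)."""
    if method.upper() != "POST":
        return False
    if urlsplit(path).path.rsplit("/", 1)[-1] != TARGET:
        return False
    values = parse_qs(body, keep_blank_values=True).get("Password", [])
    return any(META.search(v) for v in values)

def is_reflected_unencoded(submitted, response_body):
    """Response-side check: the submitted value appears verbatim, metacharacters
    intact, meaning it was echoed without output encoding."""
    return bool(META.search(submitted)) and submitted in response_body

def render_password_field(value):
    """Hardened rendering of the same field: attribute-encode before echoing."""
    return '<input name="Password" value="%s">' % html.escape(value, quote=True)

def scan(requests):
    """Return the indexes of suspicious (method, path, body) records."""
    return [i for i, (m, p, b) in enumerate(requests) if is_suspicious_request(m, p, b)]

# Constructed sample traffic; the /superwebmailer/ prefix is an assumption.
SAMPLE_REQUESTS = [
    ("POST", "/superwebmailer/superadmincreate.php", "Username=admin&Password=correct-horse"),
    ("POST", "/superwebmailer/superadmincreate.php", "Username=admin&Password=a%22%3E%3Cb%3Ex"),
    ("GET", "/superwebmailer/superadmincreate.php?Password=a%22%3E", ""),
    ("POST", "/superwebmailer/index.php", "Password=a%22%3E"),
]

if __name__ == "__main__":
    print("flagged records:", scan(SAMPLE_REQUESTS))  # → [1]
    bad = 'a"><b>x'
    leaky = '<input name="Password" value="%s">' % bad  # unencoded echo, as in the vulnerable page
    print("reflected unencoded:", is_reflected_unencoded(bad, leaky))  # → True
    print("after encoding fix:", is_reflected_unencoded(bad, render_password_field(bad)))  # → False
```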
CVSS provenance
- NVD (v3.1): 6.1 MEDIUM, CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
- VulnCheck: 6.1 MEDIUM
GHSA
GHSA-m276-5338-rwf8 (ghsa_unreviewed · 2023-10-21): CVE-2023-38192 [MEDIUM] CWE-79
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows superadmincreate.php XSS via crafted incorrect passwords.
VulnCheck
vulncheck · 2023 · CVSS 6.1: CVE-2023-38192 [MEDIUM] superwebmailer superwebmailer, Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows superadmincreate.php XSS via crafted incorrect passwords.
Affected: superwebmailer superwebmailer
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2024-12-05&host_type=src&vulnerability=cve-2023-38192; https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2024-12-11&host_type=src&vulnerability=cve-2023-38192; https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/m
No detection rules found.
Nuclei
nuclei · CVSS 6.1: CVE-2023-38192 [MEDIUM] SuperWebMailer 9.00.0.01710 - Cross-Site Scripting
An issue was discovered in SuperWebMailer 9.00.0.01710 allowing XSS via crafted incorrect passwords.
Template:

```yaml
id: CVE-2023-38192

info:
  name: SuperWebMailer 9.00.0.01710 - Cross-Site Scripting
  author: ritikchaddha
  severity: medium
  description: |
    An issue was discovered in SuperWebMailer 9.00.0.01710 allowing XSS via crafted incorrect passwords.
  impact: |
    Successful exploitation could lead to unauthorized access or data theft.
  remediation: |
    Implement input validation and output encoding to prevent XSS attacks.
  reference:
    - https://herolab.usd.de/security-advisories/usd-2023-0011/
    - https://herolab.usd.de/security-advisories/
    - https://nvd.nist.gov/vuln/detail/CVE-2023-38192
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C
```