Skip to content

Instantly share code, notes, and snippets.

Last active September 23, 2023 11:41
  • Star 2 You must be signed in to star a gist
  • Fork 2 You must be signed in to fork a gist
Star You must be signed in to star a gist
What would you like to do?
[POC] [CVE-2023-39777]
I have discovered a Cross-Site Scripting (XSS) vulnerability in vBulletin latest version 6.0.0, which also impacts lower versions. The vulnerability allows an attacker to inject malicious scripts into the Admin Control Panel, potentially leading to unauthorized access, data theft, or further exploitation.
The XSS vulnerability can be triggered when an authenticated user accesses to path `/admincp` and try to login to the Admin Control Panel. The vulnerability is due to inadequate input sanitization, allowing an attacker to inject malicious scripts that will execute in the context of the targeted administrator's session so as to hijack admin's credential.
[Steps to Reproduce]
1. Log in /admincp in vBulletin Admin Control Panel.
2. Through the 'url' parameter, it is possible to inject JS code to escape, bypass white space then trigger XSS.
[Malicious Payload]
Save the changes or perform a relevant action to trigger the execution of the injected script.
The malicious script executes, proving the existence of the XSS vulnerability.
[Affected Versions]
The vulnerability has been confirmed in vBulletin 6 Connect latest version 6.0.0. However, it is likely that the XSS issue also affects lower versions of the software.
An attacker exploiting this vulnerability could gain unauthorized access to the Admin Control Panel and potentially compromise the site's sensitive data, modify site content, and carry out other malicious actions using the administrator's privileges.
[*] I recommend the following steps to mitigate the XSS vulnerability:
1.Update the vBulletin software to the latest version (if available) to ensure the fix for this vulnerability is applied.
2.Implement proper input validation and output encoding to prevent XSS attacks in various sections of the Admin Control Panel.
3.Conduct a comprehensive security review to identify and address other potential security flaws in the software.
# Shout out to [TP Cyber Security]
Copy link

This is very good

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment