Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Cross-Site Scripting in NeDi 1.9C
Product: NeDi - Find IT
CVE: CVE-2020-23989
Version: 1.9C
Vulnerability: Reflected Cross-Site Scripting
Vulnerability Description: NeDi 1.9C allows Cross-Site Scripting via "oid" parameter at "pwsec.php" page.
# Steps to Reproduce
1. Log in to the application with provided credentials.
2. Navigate to "https://<nedi_server_ip>/pwsec.php" page.
3. Add "oid" parameter at the end of the URL with XSS Payload like below:
> https://<nedi_server_ip>/pwsec.php?oid=<img src=x onerror=alert(document.domain)>
4. Observe that the XSS Payload provided in Step-3 is executed.
@NicoleG25

This comment has been minimized.

Copy link

@NicoleG25 NicoleG25 commented Nov 3, 2020

Hi could you be more specific as to why you think Nedi is vulnerable? I can't seem to find the file you are specifying in https://github.com/NeDi-FindIt/nedi

@harsh-bothra

This comment has been minimized.

Copy link
Owner Author

@harsh-bothra harsh-bothra commented Nov 3, 2020

Hi. Please download and deploy this: https://www.nedi.ch/download/ & further you will find this endpoint vulnerable. Let me know if you still face issues to reproduce it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment