Headline
CVE-2023-34835: CVE-2023-34835/README.md at main · sahiloj/CVE-2023-34835
A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary JavaScript code via a vulnerable delete_file parameter.
eScan Management Console 14.0.1400.2281 - Reflected Cross Site Scripting
Description: Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary JavaScript code via a vulnerable delete_file parameter.
Vulnerable Product Version: 14.0.1400.2281
Date: 23/06/2023
CVE: CVE-2023-34835
CVE Author: Sahil Ojha
Vendor Homepage: https://www.escanav.com
Software Link: https://cl.escanav.com/ewconsole.dll
Tested on: Windows
Steps to reproduce:
Login into the eScan Management Console with a valid user credential. Here, escan management console is on internal network.
Navigate to “Report Template” feature and select any random report and click on delete button.
Capture the post request in burpsuite and inject the XSS paylaod into “delete_file” parameter.
After forwarding the request, an XSS alert will pop up with user sesssion cookie which could be chained and escalted to perform account takeover.