Zabbix 5.0.0 - Stored XSS via URL Widget Iframe | Exploit Author: Shwetabh Vishnoi

seovendor

# Exploit Title: Zabbix 5.0.0 - Stored XSS via URL Widget Iframe
# Date: 8/11/2020
# Exploit Author: Shwetabh Vishnoi

# Vendor Homepage:
# Software Link:
# Affected Version: Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1
# CVE : CVE-2020-15803

Affected URL/endpoint(s):
http://192.168.1.7/zabbix.php?sid=f7ca8c8270ce38c7&action=dashboard.widget.check

Affected Param: <iframe src="http://localhost/hello.html" scrolling="auto"
id="iframe" class="widget-url" width="100%" height="100%"></iframe>

Description: The application contains widget functionality within the Global
View Dashboard which can be used by a malicious admin to propagate a stored
cross-site scripting attack. The "URL" widget iframe does not have any
inbuilt restrictions on the content executing within it.

Impact: Malicious web pages within the iframe can be used for hosting phishing
forms, malware propagation, forced redirections, etc.

The affected Global View dashboard is displayed to all users of the
application, so all users are affected by this vulnerability.


Reproduction Steps:
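A defensive counterpart to the unrestricted URL widget iframe quoted above, added here as an example and not code from Zabbix or from the advisory: a scheme allow-list for the widget target, a sandboxed iframe builder, and a check for the sandbox token combination that would undo it. Function names are hypothetical; the snippet runs in Node and returns the iframe as an HTML string.

```javascript
// Added example, not Zabbix code; helper names are hypothetical.
const ALLOWED_SCHEMES = new Set(["http:", "https:"]);

// Escape attribute values so a crafted URL cannot break out of the src="..." quotes.
function escapeAttr(value) {
  return String(value)
    .replace(/&/g, "&amp;")
    .replace(/"/g, "&quot;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;");
}

// Returns the validated absolute URL, or null when the widget target must be
// rejected (non-http(s) scheme such as javascript: or data:, or unparseable).
function validateWidgetUrl(raw) {
  let parsed;
  try {
    parsed = new URL(String(raw).trim());
  } catch (e) {
    return null; // relative paths and garbage are rejected outright
  }
  return ALLOWED_SCHEMES.has(parsed.protocol) ? parsed.href : null;
}

// The unrestricted form the advisory describes: whatever the admin saved is
// embedded with no sandbox, so framed content may run scripts, submit forms
// and navigate the top-level Zabbix page.
function buildUnrestrictedIframe(url) {
  return `<iframe src="${escapeAttr(url)}" scrolling="auto" id="iframe" class="widget-url" width="100%" height="100%"></iframe>`;
}

// Sandbox pitfall: allow-scripts together with allow-same-origin lets a
// same-origin framed document strip its own sandbox attribute, and
// allow-top-navigation re-enables the forced redirects listed under Impact.
function sandboxTokensAreSafe(tokens) {
  const set = new Set(tokens);
  if (set.has("allow-scripts") && set.has("allow-same-origin")) return false;
  if (set.has("allow-top-navigation")) return false;
  return true;
}

// Hardened form: scheme allow-list plus a sandbox that gives the framed
// document an opaque origin and withholds form submission, popups and
// top-navigation. Returns null when the URL or the token set is rejected.
function buildSandboxedIframe(url, tokens = ["allow-scripts"]) {
  const safe = validateWidgetUrl(url);
  if (safe === null || !sandboxTokensAreSafe(tokens)) return null;
  const sandbox = escapeAttr(tokens.join(" "));
  return `<iframe src="${escapeAttr(safe)}" sandbox="${sandbox}" referrerpolicy="no-referrer" class="widget-url" width="100%" height="100%"></iframe>`;
}
```

Widen the token list only deliberately; the default keeps framed scripts in an opaque origin with no access to the Zabbix session or the parent page.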
 

Musk007

Thanks for the content
 

foucon

thxxxxxxxxxxxxxxxxxxxxxx