Skip to content

Instantly share code, notes, and snippets.

@harsh-bothra

harsh-bothra/CVE-2020-23989

Last active February 4, 2021 01:19
Show Gist options
  • Save harsh-bothra/d8c86b8279b23ff6d371f832ba0a5b6b to your computer and use it in GitHub Desktop.
Save harsh-bothra/d8c86b8279b23ff6d371f832ba0a5b6b to your computer and use it in GitHub Desktop.
Download ZIP
Cross-Site Scripting in NeDi 1.9C
Raw
CVE-2020-23989
Product: NeDi - Find IT
CVE: CVE-2020-23989
Version: 1.9C
Vulnerability: Reflected Cross-Site Scripting
Vulnerability Description: NeDi 1.9C allows Cross-Site Scripting via "oid" parameter at "pwsec.php" page.
# Steps to Reproduce
1. Log in to the application with provided credentials.
2. Navigate to "https://<nedi_server_ip>/pwsec.php" page.
3. Add "oid" parameter at the end of the URL with XSS Payload like below:
> https://<nedi_server_ip>/pwsec.php?oid=<img src=x onerror=alert(document.domain)>
4. Observe that the XSS Payload provided in Step-3 is executed.
@Peithon
Copy link

Peithon commented Jan 29, 2021

Hi. I am not sure which CMS Record you are referring to. I have reported the issue via Mitre to get this into the light.

Hi.I am glad to receive your reply. I apologize for not expressing my question. I want to submit some vulnerabilities to CVE recently, so I took the liberty to ask you for advice. First of all, I am at https://github.com /NeDi-FindIt/nedi/issues did not see that you have any relevant vulnerability feedback records, so I am curious how you reported the vulnerability; secondly, the CVE number is http://cve.mitre.org/cgi-bin/cvename.cgi ?name=CVE-2020-23989, the creation time of the gist address of the References information is later than the CVE number allocation time, how is this done? Your reply will solve a lot of my doubts, looking forward to your reply

When we submit an issue through MITRE (you can either approach to the vendor or go through MITRE for open-source projects), we also provide a working proof of concept/steps to reproduce the issue while submitting it to MITRE. The team further verifies and assigns a CVE Number. Now, in order to publish the CVE, you need to provide a PoC through GitHub or something which is later published. Also, sometimes the CVE no. is blocked based on the vendor as well. In this case, the CVE was requested about 3 months before it was allocated. After which it was asked to provide the details which were shared through this GIST. This is the reason you are seeing the difference in publication dates. I hope it clarifies your doubts.

Thanks, this is very helpful to me

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment