.. / CVE-2020-20988

Exploit for DomainMOD 4.13.0 - Cross-Site Scripting (CVE-2020-20988)

Description:

DomainMOD 4.13.0 is vulnerable to cross-site scripting via reporting/domains/cost-by-owner.php in the “or Expiring Between” parameter.

Nuclei Template

View the template here CVE-2020-20988.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2020/CVE-2020-20988.yaml
Copy

References:

https://mycvee.blogspot.com/p/xss2.html
https://nvd.nist.gov/vuln/detail/CVE-2020-20988