.. / CVE-2021-45422

Exploit for Reprise License Manager 14.2 - Cross-Site Scripting (CVE-2021-45422)

Description:

Reprise License Manager 14.2 contains a cross-site scripting vulnerability in the /goform/activate_process “count” parameter via GET.

Nuclei Template

View the template here CVE-2021-45422.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2021/CVE-2021-45422.yaml
Copy

References:

https://seclists.org/fulldisclosure/2022/Jan/31
https://nvd.nist.gov/vuln/detail/CVE-2021-45422
http://reprise.com
https://www.getinfosec.news/13202933/reprise-license-manager-142-reflected-cross-site-scripting#/
https://github.com/ARPSyndicate/kenzer-templates