Exploit for Sidekiq < 7.0.8 - Cross-Site Scripting (CVE-2023-1892)

Description:

A cross-site scripting (XSS) vulnerability in the Sidekiq admin panel, affecting versions before 7.0.8, can pose serious risks to the security and functionality of the system.

Nuclei Template

View the template here: CVE-2023-1892.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-1892.yaml

References:

https://huntr.com/bounties/e35e5653-c429-4fb8-94a3-cbc123ae4777
https://github.com/sidekiq/sidekiq/commit/458fdf74176a9881478c48dc5cf0269107b22214
https://nvd.nist.gov/vuln/detail/CVE-2023-1892