.. / CVE-2023-3479

Exploit for Hestiacp <= 1.7.7 - Cross-Site Scripting (CVE-2023-3479)

Description:

Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.7.8.

Nuclei Template

View the template here CVE-2023-3479.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-3479.yaml
Copy

References:

https://github.com/hestiacp/hestiacp/commit/2326aa525a7ba14513af783f29cb5e62a476e67a
https://huntr.dev/bounties/6ac5cf87-6350-4645-8930-8f2876427723/
https://nvd.nist.gov/vuln/detail/CVE-2023-3479