.. / CVE-2023-43187

Exploit for NodeBB XML-RPC Request xmlrpc.php - XML Injection (CVE-2023-43187)

Description:

A remote code execution (RCE) vulnerability in the xmlrpc.php endpoint of NodeBB Inc NodeBB forum software prior to v1.18.6 allows attackers to execute arbitrary code via crafted XML-RPC requests.

Nuclei Template

View the template here CVE-2023-43187.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-43187.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2023-43187
https://github.com/jagat-singh-chaudhary/CVE/blob/main/CVE-2023-43187