.. / CVE-2023-4451

Exploit for Cockpit - Cross-Site Scripting (CVE-2023-4451)

Description:

Cross-site Scripting (XSS) - Reflected in GitHub repository cockpit-hq/cockpit prior to 2.6.4.

Nuclei Template

View the template here CVE-2023-4451.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-4451.yaml
Copy

References:

https://github.com/Cockpit-HQ/Cockpit/commit/30609466c817e39f9de1871559603e93cd4d0d0c
https://nvd.nist.gov/vuln/detail/CVE-2023-4451
https://github.com/fkie-cad/nvd-json-data-feeds
https://github.com/cockpit-hq/cockpit/commit/30609466c817e39f9de1871559603e93cd4d0d0c
https://huntr.dev/bounties/4e111c3e-6cf3-4b4c-b3c1-a540bf30f8fa/