.. / CVE-2023-5556

Exploit for Structurizr on-premises - Cross Site Scripting (CVE-2023-5556)

Description:

Cross-site Scripting (XSS) - Reflected in GitHub repository structurizr/onpremises prior to 3194.

Nuclei Template

View the template here CVE-2023-5556.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-5556.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2023-5556
https://huntr.com/bounties/a3ee0f98-6898-41ae-b1bd-242a03a73d1b/
https://github.com/fkie-cad/nvd-json-data-feeds
https://github.com/structurizr/onpremises/commit/6cff4f792b010dfb1ff6a0b4ae1c6e398f8f8a18