.. / CVE-2023-6379

Exploit for OpenCMS 14 & 15 - Cross Site Scripting (CVE-2023-6379)

Description:

Cross-site scripting (XSS) vulnerability in Alkacon Software Open CMS, affecting versions 14 and 15 of the ‘Mercury’ template.

Nuclei Template

View the template here CVE-2023-6379.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-6379.yaml
Copy

References:

https://github.com/msegoviag/msegoviag
https://nvd.nist.gov/vuln/detail/CVE-2023-6379
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-alkacon-software-opencms
https://github.com/fkie-cad/nvd-json-data-feeds
https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2023-6379