mod_cluster/mod_proxy_cluster: stored cross-site scripting
CVE-2023-6710
Key Information
- Vendor: Red Hat
- Status (affected products): JBoss Core Services for RHEL 8; JBoss Core Services on RHEL 7; Red Hat Enterprise Linux 9; Red Hat JBoss Core Services 1
- CVE Published: 12 December 2023
Summary
A flaw was found in mod_proxy_cluster, a module for the Apache HTTP Server. A malicious user may supply script content in the 'alias' parameter of the request URL; the module registers a new virtual host under that alias, and the unescaped alias is then rendered on the cluster-manager page, so the script executes for anyone viewing that page. This is a stored cross-site scripting (XSS) vulnerability.
Affected Version(s)
- JBoss Core Services for RHEL 8 <= 0:1.3.20-3.el8jbcs
- JBoss Core Services on RHEL 7 <= 0:1.3.20-3.el7jbcs
- Red Hat Enterprise Linux 9 <= 0:1.3.20-1.el9_4
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that a vulnerability can be exploited. It is also a key component of weaponization, which can lead to ransomware and other attacks.
Timeline
- Public PoC available
- Exploit known to exist
- Vulnerability reserved
- Vulnerability published