DiveBook <= 1.1.4 – Unauthenticated Reflected XSS

Description

:A reflected Cross-Site Scripting vulnerability exists within the DiveBook log's filter functionality. Arbitrary URL parameters are reflected into the application's response, rendered by the browser as HTML or JavaScript. An attacker may abuse this functionality by sending a victim a crafted link containing JavaScript, which will execute within the context of the victim's browser. The "scrolled" parameter is also vulnerable."

Note (WPScanTeam): The attack will only work with web browsers not encoding URL parameters

Proof of Concept

The PoC will be displayed once the issue has been remediated.

Affects Plugins

divebook

No known fix

References

CVE

CVE-2020-14206

URL

https://www.hooperlabs.xyz/disclosures/divebook.php

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

CVSS

3.1 (low)

Miscellaneous

Original Researcher

Hooper Labs

Verified

Yes

WPVDB ID

533d3ce1-c31d-4b81-bbc5-1451e5abd962

Timeline

Publicly Published

2020-12-09 (about 2 years ago)

Added

2020-12-09 (about 2 years ago)

Last Updated

2020-12-10 (about 2 years ago)

Other

Published

Title

Published

2015-02-08

Title

NextGEN Gallery 1.9.5 - gallerypath Parameter Stored XSS

Published

2021-09-21

Title

Video Gallery - Vimeo and YouTube Gallery < 1.1.5 - Admin+ Stored Cross-Site Scripting

Published

2014-08-01

Title

timelineoptinpro - XSS

Published

2022-12-21

Title

WP Attachments < 5.0.6 - Admin+ Stored XSS

Published

2023-08-16

Title

Video Grid < 1.22 - Reflected XSS