CVE-2023-29489
Description
An issue was discovered in cPanel before 11.109.9999.116. XSS can occur on the cpsrvd error page via an invalid webcall ID, aka SEC-669. The fixed versions are 11.109.9999.116, 11.108.0.13, 11.106.0.18, and 11.102.0.31.
Severity: MEDIUM
CVE ID: CVE-2023-29489
CVSS Score: 6.1
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Severity: MEDIUM
CVE ID: CVE-2023-29489
CVSS Score: 5.3
CVSS Metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Proof Of Concept
Nuclei Templates for CVE-2023-29489
Reference: Project Discovery GitHub
learnerboy88
Nuclei template for CVE-2023-29489
Reference: GitHub
xKore123
Reference: GitHub
ipk1
A Python script to test all results from Shodan for cPanel CVE-2023-29489, credits to @assetnote, I just automate
Reference: GitHub
Mostafa-Elguerdawi
Reference: GitHub
Mostafa-Elguerdawi
Reference: GitHub
haxor1337x
Scanner CVE-2023-29489 Python (Selenium)
Reference: GitHub
whalebone7
To filter the actual vulnerable URLs from the screenshots, you can use the ee.sh script. Simply run ./ee.sh -f "path/to/index_screenshot.txt" -k "hacked" and the script will filter the URLs that contain the reflective XSS payload (for example: cPanel CVE-2023-29489) in their screenshots.
Reference: GitHub
1337r0j4n
CVE-2023-29489 mass exploit
Reference: GitHub
Abdullah7-ma
CVE-2023-29489-XSS
Reference: GitHub
tucommenceapousser
Reference: GitHub
tucommenceapousser
Reference: GitHub
ViperM4sk
Mass Exploitation For (CVE-2023-29489)
Reference: GitHub
S4muraiMelayu1337
Reference: GitHub
SynixCyberCrimeMy
SynixCyberCrimeMY CVE-2023-29489 Scanner By SamuraiMelayu1337 & h4zzzzzz@scc
Reference: GitHub
Makurorororororororo
Reference: GitHub
prasad-1808
This tool is used to check for the CVE-2023-29489 vulnerability in the provided URL with the set of payloads available
Reference: GitHub
mdaseem03
cpanel_xss_2023 is a simple Python script designed for finding the CVE-2023-29489 vulnerability in cPanel.
Reference: GitHub
some-man1
CVE-2023-29489 exploit
Reference: GitHub
Cappricio-Securities
An issue was discovered in cPanel before 11.109.9999.116. Cross-Site Scripting can occur on the cpsrvd error page via an invalid webcall ID.
Reference: GitHub