// For flags

CVE-2023-6710

Mod_cluster/mod_proxy_cluster: stored cross site scripting

Severity Score

5.4
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A flaw was found in the mod_proxy_cluster in the Apache server. This issue may allow a malicious user to add a script in the 'alias' parameter in the URL to trigger the stored cross-site scripting (XSS) vulnerability. By adding a script on the alias parameter on the URL, it adds a new virtual host and adds the script to the cluster-manager page.

Se encontró una falla en mod_proxy_cluster en el servidor Apache. Este problema puede permitir que un usuario malintencionado agregue un script en el parámetro 'alias' de la URL para activar la vulnerabilidad de Cross-Site Scripting (XSS) Almacenado. Al agregar un script en el parámetro alias en la URL, agrega un nuevo host virtual y agrega el script a la página del administrador del clúster. El impacto de esta vulnerabilidad se considera bajo, ya que la URL cluster_manager no debe exponerse al exterior y está protegida por usuario/contraseña.

Apache mod_proxy_cluster suffers from a cross site scripting vulnerability.

*Credits: Red Hat would like to thank Mohamed Mounir Boudjema (Intervalle-Technologies) for reporting this issue.
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2023-12-12 CVE Reserved
  • 2023-12-12 CVE Published
  • 2023-12-28 First Exploit
  • 2024-11-11 EPSS Updated
  • 2024-11-24 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Modcluster
Search vendor "Modcluster"
Mod Proxy Cluster
Search vendor "Modcluster" for product "Mod Proxy Cluster"
--
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
9.0
Search vendor "Redhat" for product "Enterprise Linux" and version "9.0"
-
Affected