CVE-2023-6710
Mod_cluster/mod_proxy_cluster: stored cross site scripting
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
3Exploited in Wild
-Decision
Descriptions
A flaw was found in the mod_proxy_cluster in the Apache server. This issue may allow a malicious user to add a script in the 'alias' parameter in the URL to trigger the stored cross-site scripting (XSS) vulnerability. By adding a script on the alias parameter on the URL, it adds a new virtual host and adds the script to the cluster-manager page.
Se encontró una falla en mod_proxy_cluster en el servidor Apache. Este problema puede permitir que un usuario malintencionado agregue un script en el parámetro 'alias' de la URL para activar la vulnerabilidad de Cross-Site Scripting (XSS) Almacenado. Al agregar un script en el parámetro alias en la URL, agrega un nuevo host virtual y agrega el script a la página del administrador del clúster. El impacto de esta vulnerabilidad se considera bajo, ya que la URL cluster_manager no debe exponerse al exterior y está protegida por usuario/contraseña.
An update for mod_jk and mod_proxy_cluster is now available for Red Hat Enterprise Linux 9. Issues addressed include cross site scripting and information leakage vulnerabilities.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2023-12-12 CVE Reserved
- 2023-12-12 CVE Published
- 2023-12-28 First Exploit
- 2025-01-09 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (8)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://packetstorm.news/files/id/178561 | 2024-05-14 | |
| https://github.com/DedSec-47/Metasploit-Exploits-CVE-2023-6710 | 2023-12-28 | |
| https://github.com/DedSec-47/CVE-2023-6710 | 2023-12-28 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2024:1316 | 2024-04-30 | |
| https://access.redhat.com/errata/RHSA-2024:1317 | 2024-04-30 | |
| https://access.redhat.com/errata/RHSA-2024:2387 | 2024-04-30 | |
| https://access.redhat.com/security/cve/CVE-2023-6710 | 2024-04-30 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2254128 | 2024-04-30 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Modcluster Search vendor "Modcluster" | Mod Proxy Cluster Search vendor "Modcluster" for product "Mod Proxy Cluster" | - | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 9.0 Search vendor "Redhat" for product "Enterprise Linux" and version "9.0" | - |
Affected
| ||||||