CVE-2023-0676

6.1 MEDIUM

📋 TL;DR

This CVE describes a reflected cross-site scripting (XSS) vulnerability in phpIPAM versions prior to 1.5.1. Attackers can inject malicious scripts into web pages that are then executed in victims' browsers when they visit specially crafted URLs. Organizations running vulnerable phpIPAM instances are affected.

💻 Affected Systems

Products:
  • phpIPAM
Versions: All versions prior to 1.5.1
Operating Systems: Any OS running phpIPAM
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all installations of phpIPAM before version 1.5.1 regardless of configuration.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Attackers could steal session cookies, perform actions as authenticated users, redirect to malicious sites, or install malware on client systems.

🟠 Likely Case: Session hijacking leading to unauthorized access to the IP address management system, potentially allowing network configuration changes.

🟢 If Mitigated: Limited impact with proper input validation and output encoding; modern browsers with XSS filters may block some attacks.

🌐 Internet-Facing: HIGH - Reflected XSS requires user interaction but can be delivered via phishing or malicious links.
🏢 Internal Only: MEDIUM - Still exploitable by internal attackers or via compromised internal systems.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Proof of concept available on GitHub; reflected XSS typically requires user interaction but is easy to weaponize.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.5.1

Vendor Advisory: https://github.com/phpipam/phpipam/commit/94ec73ff1d33926b75b811ded6f0b4a46088a7ec

Restart Required: No

Instructions:

1. Back up your phpIPAM installation and database.
2. Download phpIPAM version 1.5.1 or later from GitHub.
3. Replace the vulnerable files with the patched versions.
4. Verify the fix by testing the previously vulnerable endpoints.

🔧 Temporary Workarounds

Web Application Firewall (WAF) (all)

Deploy a WAF with XSS protection rules to block malicious payloads.

Content Security Policy (all)

Implement CSP headers to restrict script execution sources.

Add to web server config: Content-Security-Policy: default-src 'self'; script-src 'self'

Roll the policy out with Content-Security-Policy-Report-Only first: a policy without 'unsafe-inline' blocks any inline scripts the application relies on, so confirm the UI still works before enforcing it.

🧯 If You Can't Patch

  • Implement strict input validation and output encoding for all user inputs
  • Deploy network segmentation to isolate phpIPAM from critical systems

🔍 How to Verify

Check if Vulnerable:

Check if phpIPAM version is below 1.5.1 by examining the version file or admin interface.

Check Version:

Check /app/functions/classes/class.Common.php or admin interface for version number.

Verify Fix Applied:

Test the previously vulnerable endpoints with XSS payloads; they should be properly sanitized or rejected.

📡 Detection & Monitoring

Log Indicators:

  • Unusually long URLs containing script tags or JavaScript in query parameters
  • Multiple failed XSS attempts in web server logs

Network Indicators:

  • HTTP requests containing <script>, javascript:, or other XSS payloads in URL parameters

SIEM Query:

source="web_server_logs" AND (url="*<script>*" OR url="*javascript:*" OR url="*onerror=*" OR url="*onload=*")
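The SIEM query above matches literal `<script>` in the URL field, but browsers and most clients percent-encode `<`, `>` and `"` in query strings, so the indicators often only appear after URL-decoding. The following is an added example (not from the original page or the phpIPAM project) that scans combined-format web server log lines for the same four indicators after bounded URL-decoding; the log lines and parameter names are constructed and do not represent the actual vulnerable endpoint.

```python
import re
from urllib.parse import unquote_plus

# The same indicators as the SIEM query, checked after URL-decoding so that
# percent-encoded payloads (%3Cscript%3E) are caught as well as raw ones.
XSS_MARKERS = ("<script", "javascript:", "onerror=", "onload=")

# Apache/nginx "combined" log format: we only need the request URL.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<url>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample lines; the paths and parameters are illustrative only.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Feb/2023:12:00:01 +0000] "GET /index.php?page=tools HTTP/1.1" 200 512
203.0.113.7 - - [10/Feb/2023:12:00:02 +0000] "GET /index.php?page=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 800
203.0.113.9 - - [10/Feb/2023:12:00:03 +0000] "GET /index.php?q=%22%20onerror%3Dalert(1) HTTP/1.1" 200 640
"""


def decode_url(url: str, rounds: int = 2) -> str:
    """URL-decode repeatedly (bounded) to also catch double-encoded input."""
    for _ in range(rounds):
        decoded = unquote_plus(url)
        if decoded == url:
            break
        url = decoded
    return url.lower()


def find_markers(url: str) -> list[str]:
    """Return the XSS indicators present in the decoded URL, in fixed order."""
    decoded = decode_url(url)
    return [marker for marker in XSS_MARKERS if marker in decoded]


def scan_log(lines) -> list[dict]:
    """Return one hit per log line whose request URL carries an indicator."""
    hits = []
    for line in lines:
        match = LOG_RE.match(line)
        if not match:
            continue  # skip lines that are not in combined format
        markers = find_markers(match["url"])
        if markers:
            hits.append({"ip": match["ip"], "ts": match["ts"],
                         "url": match["url"], "markers": markers})
    return hits


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG.splitlines()):
        print(hit["ts"], hit["ip"], hit["markers"], hit["url"])
```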
