Login Sign Up

CVE-2023-23467

8.1 HIGH
Cross-Site Scripting

📋 TL;DR

CVE-2023-23467 is a reflected cross-site scripting (XSS) vulnerability in Media CP Media Control Panel that allows attackers to inject malicious scripts via unspecified endpoints. This affects users of the latest version of Media CP Media Control Panel, potentially compromising their sessions and exposing sensitive data.

💻 Affected Systems

Products:
  • Media CP Media Control Panel
Versions: Latest version (specific version unspecified in CVE)
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in unspecified endpoints; all deployments using the affected version are vulnerable.

📦 What is this software?

Media Control Panel by Mediacp

View all CVEs affecting Media Control Panel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could steal session cookies, redirect users to malicious sites, perform actions on behalf of authenticated users, or install malware through client-side exploitation.

🟠

Likely Case

Session hijacking, credential theft, or defacement of the control panel interface through crafted malicious links.

🟢

If Mitigated

Limited impact if input validation and output encoding are properly implemented, though some client-side disruption may still occur.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Reflected XSS typically requires user interaction (clicking a malicious link) but is straightforward to exploit once the vulnerable endpoint is identified.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.gov.il/en/Departments/faq/cve_advisories

Restart Required: No

Instructions:

Monitor vendor advisory for patch release. Apply patch when available. No specific patching steps provided in CVE.

🔧 Temporary Workarounds

Implement Input Validation and Output Encoding

all

Add server-side validation and proper output encoding to sanitize user inputs in all endpoints.

Deploy Web Application Firewall (WAF)

all

Configure WAF rules to block XSS payloads and malicious requests targeting the control panel.

🧯 If You Can't Patch

  • Restrict access to the Media Control Panel to trusted networks only using firewall rules.
  • Implement Content Security Policy (CSP) headers to mitigate script injection impact.

🔍 How to Verify

Check if Vulnerable:

Test endpoints with XSS payloads (e.g., <script>alert('XSS')</script>) and observe if scripts execute in response.

Check Version:

Check Media CP Media Control Panel version via admin interface or configuration files (specific command depends on deployment).

Verify Fix Applied:

Re-test with XSS payloads after applying fixes; ensure scripts are not executed and inputs are properly sanitized.

📡 Detection & Monitoring

Log Indicators:

  • Unusual requests containing script tags or JavaScript payloads in query parameters or headers.

Network Indicators:

  • HTTP requests with suspicious parameters indicative of XSS testing (e.g., containing <script>, alert(), or eval()).

SIEM Query:

source="web_logs" AND (uri="*<script>*" OR uri="*alert(*" OR uri="*javascript:*")

📊 Metadata

CVE ID: CVE-2023-23467
CVSS v3 Score: 8.1 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
CWE: CWE-79
Published: February 15, 2023
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-23467, you might also want to check these:

CVE-2021-39199 10.0

CVE-2021-39199 is a critical cross-site scripting (XSS) vulnerability in the remark-html Node.js lib...

Same vulnerability type (CWE-79)
CVE-2021-32671 10.0

This vulnerability in Flarum forum software allows attackers to inject malicious HTML/JavaScript int...

Same vulnerability type (CWE-79)
CVE-2021-32798 10.0

CVE-2021-32798 is a critical vulnerability in Jupyter Notebook that allows malicious notebook files ...

Same vulnerability type (CWE-79)