Lucene search
PRIOn knowledge basePRION:CVE-2022-39197HistorySep 22, 2022 - 1:15 a.m.
Cross site scripting
2022-09-2201:15:00
PRIOn knowledge base
www.prio-n.com
3
An XSS (Cross Site Scripting) vulnerability was found in HelpSystems Cobalt Strike through 4.7 that allowed a remote attacker to execute HTML on the Cobalt Strike teamserver. To exploit the vulnerability, one must first inspect a Cobalt Strike payload, and then modify the username field in the payload (or create a new payload with the extracted information and then modify that username field to be malformed).
| CPE | Name | Operator | Version |
|---|---|---|---|
| cobalt_strike | le | 4.7 |
Related
nvd
nvd
CVE-2022-39197
2022-09-22 01:15:11
githubexploit
githubexploit
Exploit for Cross-site Scripting in Helpsystems Cobalt Strike
2022-10-14 11:46:01
Exploit for Cross-site Scripting in Helpsystems Cobalt Strike
2022-10-17 07:26:51
Exploit for Cross-site Scripting in Helpsystems Cobalt Strike
2022-09-26 08:58:21
cve
cve
CVE-2022-39197
2022-09-22 01:15:11
attackerkb
attackerkb
CVE-2022-39197
2022-09-22 00:00:00
cisa_kev
cisa_kev
Fortra Cobalt Strike Teamserver Cross-Site Scripting (XSS) Vulnerability
2023-03-30 00:00:00
cvelist
cvelist
CVE-2022-39197
2022-09-22 00:43:41
thn
thn
qualysblog
qualysblog
Qualys Threat Research Thursday
2022-09-29 14:32:00
trellix
trellix
The Bug Report — September 2022 Edition
2022-10-05 00:00:00
The Bug Report — September 2022 Edition
2022-10-05 00:00:00