游客您好，欢迎来到黑客世界论坛！您可以在这里进行注册。

赤队小组-代号1949（原CHT攻防小组）在这个瞬息万变的网络时代，我们保持初心，创造最好的社区来共同交流网络技术。您可以在论坛获取黑客攻防技巧与知识，您也可以加入我们的Telegram交流群 共同实时探讨交流。论坛禁止各种广告，请注册用户查看我们的使用与隐私策略，谢谢您的配合。小组成员可以获取论坛隐藏内容！

TheHackerWorld官方

ShoreTel Conferencing 19.46.1802.0 - Reflected Cross-Site Scripting

PHP,webapps,CVE-2020-28351

发布于2022年11月5日3年前

# Exploit Title: ShoreTel Conferencing 19.46.1802.0 - Reflected Cross-Site Scripting
# Date: 11/8/2020
# Exploit Author: Joe Helle
# Vendor Homepage: https://www.mitel.com/articles/what-happened-shoretel-products
# Version: 19.46.1802.0
# Tested on: Linux
# CVE: 2020-28351

PoC:

The conferencing component on Mitel ShoreTel 19.46.1802.0 devices could
allow an unauthenticated attacker to conduct a reflected cross-site
scripting attack (XSS) via the PATH_INFO to index.php, due to insufficient
validation for the time_zone object in the HOME_MEETING& page.

Vulnerable payload
/index.php/%22%20onmouseover=alert(document.domain)%20?page=HOME

Vulnerability is in the HOME_MEETINGS& page, where a time_zone dropdown
object is located. Upon executing the payload, the exploit executes when
the mouse is rolled over the dropdown menu object.

https://github.com/dievus/CVE-2020-28351