The nginx web server is a software package that serves web pages. It was developed as a replacement for the previously used Apache HTTP Server. It is configured through the server configuration file /etc/nginx/nginx.conf to serve web sites. ConsoleTVs Noxen is vulnerable to Cross Site Scripting (XSS). User interaction is required to exploit the issue.

Impact:

An attacker may exploit the Cross Site Scripting issue to execute malicious script code in the user's browser, redirect the user to another site, or obtain sensitive information.

How to determine if your site is vulnerable?

The following command may be used to determine if your site is vulnerable to the Cross Site Scripting issue. It returns the list of applications in which the Cross Site Scripting vulnerability is present:

    voyager https://[your_domain_here]/[your_application_here]

If the result of the command is "Vulnerable to XSS", your site is vulnerable.

How to fix the issue?

In order to fix the issue, you must edit the configuration file /etc/nginx/nginx.conf and configure it to reject the Cross Site Scripting.

Rejecting the Cross Site Scripting:

    location / {
        auth_basic "Restricted";
        proxy_pass http://localhost:8000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

nginx.conf file content that needs to be edited

Protection Against XSS

You must edit the configuration file /etc/nginx/nginx.conf to reject the Cross Site Scripting vulnerability.
It is possible to protect your site against the XSS vulnerability. For example, you may configure your site to reject HTML and JavaScript from specified paths. The following configuration directive is given for that purpose:

    location = /~starkv/ {
        reject_internal_html off;
    }
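Independent of the nginx settings above, the defense against Cross Site Scripting that applies at the application layer is output encoding: any user-supplied value is escaped before it is placed into an HTML response, so the browser treats it as text rather than markup. The following added example (not part of the original advisory and not code from the Noxen project) contrasts a vulnerable template with its hardened form using Python's standard `html.escape`; the function names and the sample input are constructed for illustration.

```python
import html

# Constructed sample: a value that, if echoed verbatim, becomes active script.
SAMPLE_INPUT = "<script>alert(1)</script>"


def render_greeting_vulnerable(name: str) -> str:
    """Vulnerable form: the user-controlled value is interpolated verbatim
    into HTML, so any tags it contains are parsed by the browser."""
    return f"<p>Hello, {name}!</p>"


def render_greeting_safe(name: str) -> str:
    """Hardened form: html.escape rewrites <, >, &, \" and ' as entities,
    so the value renders as literal text inside the element body."""
    return f"<p>Hello, {html.escape(name, quote=True)}!</p>"


def render_link_safe(label: str, title: str) -> str:
    """Attribute context: quote=True also neutralises quotes, so the value
    cannot close the title attribute and start a new one."""
    return (
        f'<a href="/profile" title="{html.escape(title, quote=True)}">'
        f"{html.escape(label, quote=True)}</a>"
    )


def contains_raw_markup(fragment: str) -> bool:
    """Detection helper: report whether a rendered fragment still carries an
    unescaped tag opener, which is the signature of the vulnerable path."""
    return "<script" in fragment.lower()


if __name__ == "__main__":
    print("vulnerable:", render_greeting_vulnerable(SAMPLE_INPUT))
    print("hardened:  ", render_greeting_safe(SAMPLE_INPUT))
    print("attribute: ", render_link_safe("me", 'x" onmouseover="alert(1)'))
```

The escaping must match the context the value lands in (element body versus attribute); the example covers both, and `contains_raw_markup` gives a cheap check that a rendered fragment took the hardened path.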

Timeline

Published on: 08/23/2022 11:15:00 UTC
Last modified on: 08/26/2022 18:16:00 UTC

References