Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2022-39197

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2022-39197

Description:
An XSS (Cross Site Scripting) vulnerability was found in HelpSystems Cobalt Strike through 4.7 that allowed a remote attacker to execute HTML on the Cobalt Strike teamserver. To exploit the vulnerability, one must first inspect a Cobalt Strike payload, and then modify the username field in the payload (or create a new payload with the extracted information and then modify that username field to be malformed).
Last updated date:
09/22/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
08/02/2022
Reference url to background

https://github.com/lovechoudoufu/cobaltstrike4.5_cdf

Type:
exploit
Confidence:
HIGH
Date of publishing:
09/21/2022
Reference url to background

https://github.com/safe3s/CVE-2022-39197

Type:
exploit
Confidence:
HIGH
Date of publishing:
09/22/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
09/23/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
09/24/2022
Reference url to background

https://github.com/yqcs/CSPOC

Type:
exploit
Confidence:
HIGH
Date of publishing:
09/26/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
09/26/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/09/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/14/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/22/2022
Vulnerability FeedContributorsAboutBlog

@inTheWild

©2022

Privacy Policy