CVE-2023-53155
BaseFortify
Publication date: 2025-07-25
Last updated on: 2025-07-29
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| embedthis | goahead | 2.5 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the GoAhead Web Server version 2.5, specifically in the 'goform/formTest' endpoint. It allows an attacker to perform HTML injection via the 'name' parameter due to insufficient input validation. This means an attacker can inject arbitrary HTML content into the web application, which can be executed within the context of the affected site. This can lead to client-side attacks such as cross-site scripting (XSS). [1]
How can this vulnerability impact me? :
The vulnerability can allow attackers to inject and execute malicious HTML or scripts in the context of the vulnerable web application. This can lead to cross-site scripting (XSS) attacks, which may result in theft of user credentials, session hijacking, defacement of the website, or other malicious client-side actions. Since the vulnerability has a CVSS base score of 7.2 with network attack vector and no privileges required, it can be exploited remotely without authentication, increasing the risk. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by sending HTTP requests to the 'goform/formTest' endpoint with crafted parameters such as 'name' containing HTML tags and observing if the response reflects the injected HTML content. For example, you can use curl to test injection: curl -v 'http://<target-ip>/goform/formTest?name=<h1>Hello</h1>&address=<h1>World</h1>' and check if the response includes the injected HTML tags. If the injected HTML is reflected in the response without proper sanitization, the system is vulnerable. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the vulnerable 'goform/formTest' endpoint, applying input validation or sanitization on the 'name' parameter to prevent HTML injection, and updating or patching the GoAhead Web Server to a version where this vulnerability is fixed. If patches are not available, consider deploying web application firewalls (WAF) rules to block malicious input patterns targeting this endpoint. [1]