CVE-2024-5312: PHP Server Monitor vulnerable to Cross-site Scripting

CVSS Score (v3.1)
6.3

Basic Information

EPSS Score
0.39289%
Published
5/24/2024
Updated
5/24/2024
KEV Status
No
Technology
PHP

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Package Name
phpservermon/phpservermon
Ecosystem
composer
Vulnerable Versions
<= 3.2.0
First Patched Version
3.3.0

Vulnerability Intelligence
Miggo AI Root Cause Analysis

The vulnerability is in PHPMailer's test script (vendor/phpmailer/phpmailer/test_script/index.php), which PHP Server Monitor ships inside its vendored PHPMailer copy. The commit diff shows that this script was removed/renamed in the patched versions, so the fix is to stop deploying it rather than to escape its output. The script reflects request parameters into its HTML output without output encoding (there is no visible use of htmlspecialchars or an equivalent), so a crafted URL makes the victim's browser execute attacker-controlled markup. This is the CWE-79 pattern: user input embedded directly in a generated web page.
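The reflection pattern above, and the crafted-URL check the WAF rule describes, modelled as an added Python example (not PHP Server Monitor's or PHPMailer's code). The form template, the parameter names and the probe string are constructed for illustration; the point is that a value echoed verbatim into an attribute lets a quote-and-close payload break out, while attribute-context escaping (html.escape with quote=True here, htmlspecialchars with ENT_QUOTES in PHP) neutralises it:

```python
import html
from urllib.parse import urlencode

# Constructed stand-in for a mailer test form: every request parameter is
# written back into an input's value attribute. Not the real test_script.
FORM_TEMPLATE = '<input type="text" name="{name}" value="{value}">'

# Probe that closes the attribute and the tag; harmless marker + event handler.
PROBE = 'xssprobe"><svg onload=alert(1)>'


def render_vulnerable(params: dict) -> str:
    """Reflects each parameter verbatim: the CWE-79 pattern in the advisory."""
    return "\n".join(
        FORM_TEMPLATE.format(name=k, value=v) for k, v in params.items()
    )


def render_hardened(params: dict) -> str:
    """Same form, but names and values are escaped for an HTML attribute
    context. quote=True also encodes " and ', which is what keeps the
    payload inside the attribute (PHP: htmlspecialchars($v, ENT_QUOTES))."""
    return "\n".join(
        FORM_TEMPLATE.format(
            name=html.escape(k, quote=True), value=html.escape(v, quote=True)
        )
        for k, v in params.items()
    )


def reflected_unescaped(body: str, probe: str = PROBE) -> bool:
    """True if the probe came back with its HTML-significant characters
    intact, i.e. the page reflected it without encoding."""
    return probe in body


def build_test_url(base: str, names) -> str:
    """Crafted URL of the kind the advisory describes: the probe in every
    visible parameter. Only the URL is built; nothing is sent."""
    return base + "?" + urlencode({n: PROBE for n in names})


if __name__ == "__main__":
    fields = {"From": PROBE, "To": PROBE, "Subject": PROBE}
    print("vulnerable reflects raw probe:", reflected_unescaped(render_vulnerable(fields)))
    print("hardened reflects raw probe:  ", reflected_unescaped(render_hardened(fields)))
    print(build_test_url("http://localhost/vendor/phpmailer/phpmailer/test_script/index.php", fields))
```

To use this against a real response, fetch the page with the probe in each parameter and pass the body to reflected_unescaped; a True result means the deployment still carries the unfixed script and the vendored test_script directory should be removed from the web root.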

WAF Protection Rules

WAF Rule

PHP Server Monitor, version 3.5.2, is vulnerable to an XSS via the /phpservermon-3.5.2/vendor/phpmailer/phpmailer/test_script/index.php page in all visible parameters. An attacker could create a specially crafted URL, send it to a victim and retrieve

Reasoning

The vulnerability exists in `PHPMailer`'s test script included with PHP Server Monitor. The commit diff shows this script was removed/renamed in patched versions. The test script's parameters are reflected in HTML output without proper sanitization