Authored by Shaunt D

LISTSERV version 17 suffers from a cross site scripting vulnerability.

advisories | CVE-2022-39195

# Exploit Title: LISTSERV 17 - Reflected Cross Site Scripting (XSS)
# Exploit Author: Shaunt D
# Vendor Homepage:
# Version: 17
# Tested on: Windows Server 2019
# CVE : CVE-2022-39195

A reflected cross-site scripting (XSS) vulnerability in the LISTSERV 17 web interface allows remote attackers to inject arbitrary JavaScript or HTML via the "c" parameter.

To reproduce, please visit

(or whichever URL you can use for testing instead of localhost).

The "c" parameter will reflect any value given onto the page.

# Solution

This vulnerability can be mitigated by going under "Server Administration" to "Web Templates" and editing the BODY-LCMD-MESSAGE web template. Change &+CMD; to &+HTMLENCODE(&+CMD;); .