CVE-2008-7017

CAcert - Cross-Site Scripting via X.509 Certificate CommonName Field

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-7017. PoCs published by Alexander Klink.

AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in CAcert by crafting a malicious OpenSSL command to generate a certificate request with embedded JavaScript. The payload executes arbitrary script code in the context of the affected site.

Description

Cross-site scripting (XSS) vulnerability in analyse.php in CAcert 20080921, and possibly other versions before 20080928, allows remote attackers to inject arbitrary web script or HTML via the CN (CommonName) field in the subject of an X.509 certificate.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Alexander Klink · textwebappsphp

https://www.exploit-db.com/exploits/32443

View Code ZIP pw:eip

This exploit demonstrates a cross-site scripting (XSS) vulnerability in CAcert by crafting a malicious OpenSSL command to generate a certificate request with embedded JavaScript. The payload executes arbitrary script code in the context of the affected site.

Classification

Working Poc 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: CAcert (versions released on or before September 21, 2008)

No auth needed

Prerequisites: OpenSSL installed · Access to CAcert's certificate submission interface

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit x_refsource_misc

http://www.cynops.de/advisories/AKLINK-SA-2008-007.txt

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/45515

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/31481

Scores

EPSS 0.0090

EPSS Percentile 54.9%

Details

CWE

CWE-79

Status published

Products (1)

cacert/cacert 20080921

Published Aug 21, 2009

Tracked Since Feb 18, 2026