CVE-2018-19131

MEDIUM LAB

Squid < 4.4 - Cross-Site Scripting via Crafted X.509 Certificate

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-19131. PoCs published by JonathanWilbur.

AI-analyzed exploit summary This repository demonstrates CVE-2018-19131, a vulnerability in Squid proxy where a malicious HTTPS certificate with a crafted Common Name (CN) can trigger XSS in the proxy's error page. The PoC uses Docker to deploy a vulnerable Squid instance and a self-signed certificate with a script-injected CN.

Description

Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.

Exploits (1)

nomisec WORKING POC 19 stars
by JonathanWilbur · poc
https://github.com/JonathanWilbur/CVE-2018-19131

This repository demonstrates CVE-2018-19131, a vulnerability in Squid proxy where a malicious HTTPS certificate with a crafted Common Name (CN) can trigger XSS in the proxy's error page. The PoC uses Docker to deploy a vulnerable Squid instance and a self-signed certificate with a script-injected CN.

Classification
Working Poc 95%
Attack Type
Xss
Complexity
Moderate
Reliability
Reliable
Target: Squid Proxy 3.5.27 and earlier
No auth needed
Prerequisites: Docker · Docker Compose · Client configured to use the vulnerable Squid proxy
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Mitigation, Vendor Advisory x_refsource_misc
http://www.squid-cache.org/Advisories/SQUID-2018_4.txt
Third Party Advisory x_refsource_misc
https://github.com/squid-cache/squid/pull/306

Scores

CVSS v3 6.1
EPSS 0.0333
EPSS Percentile 87.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Lab Environment

COMMUNITY
Community Lab
docker pull nginx:latest

Details

CWE
CWE-79
Status published
Products (1)
squid-cache/squid < 4.4
Published Nov 09, 2018
Tracked Since Feb 18, 2026