# Exploit Title: LISTSERV 17 - Reflected Cross Site Scripting (XSS)
# Google Dork: inurl:/scripts/wa.exe
# Date: 12/01/2022
# Exploit Author: Shaunt Der-Grigorian
# Vendor Homepage:
# Software Link:
# Version: 17
# Tested on: Windows Server 2019
# CVE : CVE-2022-39195

A reflected cross-site scripting (XSS) vulnerability in the LISTSERV 17 web interface allows remote attackers to inject arbitrary JavaScript or HTML via the "c" parameter.

To reproduce, please visit
(or whichever URL you can use for testing instead of localhost).

The "c" parameter will reflect any value given onto the page.

# Solution
This vulnerability can be mitigated by going under "Server Administration" to "Web Templates" and editing the BODY-LCMD-MESSAGE web template. Change &+CMD; to &+HTMLENCODE(&+CMD;); .