OFBIZ-2747: Security : The remote web server is prone to cross-site scripting attacks.
(Project: OFBiz. Parent issue: OFBIZ-1525 Issue to group security concerns.)


    Details

    • Sprint:
      Bug Crush Event - 21/2/2015

      Description

      The pollbox seems to be subject to request argument injection, without any stripping of HTML tags (e.g. <script>).

      Nessus scan log :

      Web Server Generic XSS

      Synopsis :

      The remote web server is prone to cross-site scripting attacks.

      Description :

      The remote host is running a web server that fails to adequately
      sanitize request strings of malicious JavaScript. By leveraging this
      issue, an attacker may be able to cause arbitrary HTML and script code
      to be executed in a user's browser within the security context of the
      affected site.

      See also :

      http://en.wikipedia.org/wiki/Cross-site_scripting

      Solution :

      Contact the vendor for a patch or upgrade.

      Risk factor :

      Medium / CVSS Base Score : 4.3
      (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)

      Plugin output :

      The request string used to detect this flaw was :

      /?<script>cross_site_scripting.nasl</script>

      The output was :

      HTTP/1.1 200 OK
      Server: Apache-Coyote/1.1
      X-Powered-By: JSP/2.1
      Set-Cookie: OFBiz.Visitor=12065; Expires=Wed, 21-Jul-2010 21:31:20 GMT; Path=/
      Content-Type: text/html;charset=UTF-8
      Transfer-Encoding: chunked
      Date: Tue, 21 Jul 2009 21:31:19 GMT

      [...]
      <h3>Mouse Hand Poll</h3>
      <div class="screenlet-body">
      <form method="post" action="/control/minipoll/main" style="margin: 0;">
      <input type="hidden" name="<script>cross_site_scripting.nasl</script>" value=""/>
      <input type="hidden" name="surveyId" value="1004"/>
      <table width="100%" border="0" cellpadding="2" cellspacing="0">
      [...]

      CVE : CVE-2002-1060, CVE-2003-1543, CVE-2005-2453, CVE-2006-1681
      BID : 5305, 7344, 7353, 8037, 14473, 17408
      Other references : OSVDB:4989, OSVDB:18525, OSVDB:24469, OSVDB:42314

      Nessus ID : 10815
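What the plugin output shows is a form that copies every request parameter back into the page as a hidden field, with the parameter name dropped into the `name` attribute unencoded, so the probe string sent in the request comes back verbatim. The following is an added example and not OFBiz's template code (which is not shown on this page); it is written in Python rather than the project's Java/FreeMarker so that it runs stand-alone. It reconstructs the reflection pattern from the log, puts a hardened renderer beside it (a strict whitelist on parameter names plus HTML attribute encoding of names and values; in a FreeMarker template the encoding step is the `?html` built-in), and includes the check plugin 10815 relies on, namely looking for the probe reflected unescaped in the response body. The query string and the `surveyId` parameter are constructed from the log above; the function names and the `SAFE_NAME` pattern are assumptions. The CVE, BID and OSVDB identifiers at the end of the log are the generic references plugin 10815 attaches to every finding of this class, not identifiers assigned to this OFBiz issue.

```python
import html
import re
from urllib.parse import parse_qsl

# Probe taken from the scan log: the payload is the parameter *name*, not a value.
PROBE = "<script>cross_site_scripting.nasl</script>"

# Constructed request mirroring "/?<script>cross_site_scripting.nasl</script>";
# surveyId=1004 is the poll's own parameter seen in the reflected form.
QUERY = PROBE + "&surveyId=1004"


def parse_query(query):
    """Split a raw query string into (name, value) pairs, keeping names sent without '='."""
    return parse_qsl(query, keep_blank_values=True)


def render_hidden_inputs_vulnerable(params):
    """Carry request parameters over as hidden fields with no output encoding.

    This reproduces the shape seen in the Nessus output: whatever the client sent
    as a parameter name lands inside name="..." unchanged, so a "> in the name
    closes the attribute and the tag, and what follows is parsed as markup.
    """
    return "".join(
        '<input type="hidden" name="%s" value="%s"/>\n' % (name, value)
        for name, value in params
    )


# Assumed whitelist: the only parameter names a poll form should carry over.
SAFE_NAME = re.compile(r"^[A-Za-z0-9_.-]{1,64}$")


def render_hidden_inputs_hardened(params):
    """Same carry-over, but names outside the whitelist are dropped and every
    name and value is HTML-attribute-encoded (quote=True also encodes " and ')."""
    out = []
    for name, value in params:
        if not SAFE_NAME.match(name):
            continue  # a name containing < > " ' & or whitespace is never legitimate here
        out.append(
            '<input type="hidden" name="%s" value="%s"/>\n'
            % (html.escape(name, quote=True), html.escape(value, quote=True))
        )
    return "".join(out)


def reflects_unescaped(probe, body):
    """The check behind the plugin finding: the probe reappears verbatim in the body."""
    return probe in body


def scan(query, renderer):
    """Render the carried-over parameters and report whether the probe was reflected."""
    body = renderer(parse_query(query))
    return reflects_unescaped(PROBE, body), body


if __name__ == "__main__":
    for label, renderer in (("vulnerable", render_hidden_inputs_vulnerable),
                            ("hardened", render_hidden_inputs_hardened)):
        reflected, body = scan(QUERY, renderer)
        print("%-10s reflected=%s\n%s" % (label, reflected, body))
```

The whitelist is the part that actually closes the hole in the pattern the log shows: encoding alone stops the markup injection, but a form that echoes arbitrary client-chosen parameter names back to the browser has no reason to exist, and dropping unknown names removes the reflection entirely.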

            People

            • Assignee: Scott Gray (lektran)
            • Reporter: Alexandre Mazari (scaroo)
