Document Title: ============== Nokia Solutions and Networks @vantage - Multiple Reflected XSS Release Date: ============ 9 Sep 2015 Abstract Advisory Information: ============================= Ugur Cihan Koc discovered twentySeven Reflected XSS vulnerability in Nokia NSN @vantage Vulnerability Disclosure Timeline: ================================= 24 July 2015 Bug reported to the vendor. 28 July 2015 Asked about the case. 8 Sep 2015 End of support for this product, reported by the vendor Discovery Status: ================ Published Affected Product(s): =================== Nokia NSN @vantage Exploitation Technique: ====================== Local, Authenticated Severity Level: ============== Medium Technical Details & Description: =============================== Affected Path/Parameter[27] : /cftraces/filter/fl_copy.jsp idFilter nameFilter /cftraces/filter/fl_crea1.jsp flName /cftraces/process/pr_show_process.jsp serchStatus refreshTime serchNode /cftraces/session/se_crea.jsp MaxActivationTime NumberOfBytes NumberOfTracefiles SessionName serchSessionkind /cftraces/session/se_show.jsp serchSessionDescription /cftraces/session/tr_crea_filter.jsp serchApplication serchApplicationkind /cftraces/session/tr_create_tagg_para.jsp columKeyUnique columParameter componentName criteria1 criteria2 criteria3 description filter id pathName tableName component /home/certificate_association.jsp userid Proof of Concept (PoC): ====================== Proof of Concept https://drive.google.com/open?id=0B-LWHbwdK3P9eTNKRkdDWGpkN2M Solution Fix & Patch: ==================== There aren't any fix for the issue. [End of Support] Security Risk: ============= The risk of the vulnerability above estimated as medium. Credits & Authors: ================= Ugur Cihan Koc(@_uceka_) Blog: www.uceka.com