Alienvault OSSIM/USM 5.3.1 Cross Site Scripting

2016.11.02
Credit: Peter Lapp
Risk: Low
Local: No
Remote: Yes
CWE: CWE-79


CVSS Base Score: 4.3/10
Impact Subscore: 2.9/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: None
Integrity impact: Partial
Availability impact: None

Details ======= Product: Alienvault OSSIM/USM Vulnerability: Reflected XSS Author: Peter Lapp, lappsec () gmail com CVE: CVE-2016-8583 Vulnerable Versions: <=5.3.1 Fixed Version: 5.3.2 Vulnerability Details ===================== Multiple GET parameters in the vulnerability scan scheduler of OSSIM/USM before 5.3.2 are vulnerable to reflected XSS. The parameters include jobname, timeout, sched_id, and targets[] in /ossim/vulnmeter/sched.php. POC === Example payload is: "><body+onpageshow%3d"alert(0) For the targets[] param the payload is slightly different. Timeline ======== 08/03/16 - Reported to Vendor 10/03/16 - Fixed in version 5.3.2 References ========== https://www.alienvault.com/forums/discussion/7766/security-advisory-alienvault-5-3-2-address-70-vulnerabilities

References:

https://www.alienvault.com/forums/discussion/7766/security-advisory-alienvault-5-3-2-address-70-vulnerabilities


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top