LanSweeper 6.0.100.75 Cross-Site Scripting

2017.11.17
Credit: Miguel Mendez Z
Risk: Low
Local: No
Remote: Yes
CVE: CVE-2017-16841
CWE: CWE-79


CVSS Base Score: 4.3/10
Impact Subscore: 2.9/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: None
Integrity impact: Partial
Availability impact: None

LanSweeper - Cross Site Scripting and HTMLi Title: Vulnerability in LanSweeper Date: 16-11-2017 Status: Vendor contacted, patch available Author: Miguel Mendez Z Vendor Homepage: http://www.lansweeper.com Version: 6.0.100.75 CVE: CVE-2017-16841 Vulnerability description ------------------------- LanSweeper 6.0.100.75 has XSS via the description parameter to "/Calendar/CalendarActions.aspx". Take control of the browser using the xss shell or perform malware attacks on users. Vulnerable variable: -------------------- "http://victim.com/Calendar/CalendarActions.aspx?action=scheduleinfo&id=2&__VIEWSTATE=&title=Test+Lansweeper&description=XSS/HTMLI&type=1&startdate=13/10/2017&txtStart=19:30&enddate=13/10/2017&txtEnd=21:30&reminder=15&repeattype=1&amount=1&repeatby=0&monthday=1&monthweekday=1&monthweekdayday=1&ends=1&occurrences=15&repeatenddate=&agents={"14":{"id":14,"editAllowed":true}}&teams=&delete=false" "http://victim.com/Scanning/report.aspx?det=web50accessdeniederrors&title=XSS/HTMLI" "http://victim.com/Software/report.aspx?det=XSS/HTMLI&title=Linux Software" Poc: ---- https://www.youtube.com/watch?v=u213EqTSsXQ


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top