Loadbalancer.org Enterprise VA MAX Cross Site Scripting

2018.11.03
Risk: Low
Local: No
Remote: Yes
CWE: CWE-79


CVSS Base Score: 9.3/10
Impact Subscore: 10/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete

Title: Loadbalancer.org Enterprise VA MAX - Unauthenticated Stored XSS Author: Jakub Palaczynski Date: 24. July 2018 CVE: CVE-2018-18864 Affected product: ============= Loadbalancer.org Enterprise VA MAX before 8.3.3 Impact: ====== Remote Code Execution with root privileges. Vulnerability - Unauthenticated Stored XSS: =================================== Two instances of Unauthenticated Stored XSS issue were identified in Loadbalancer.org Enterprise VA MAX: 1. Application takes input from Basic Auth (username) and stores it without any validation in "Apache Error Log". This instance works only on HTTPS port. 2. It is possible to inject custom JavaScript code by accessing URL like /?<XSS>. Such JavaScript is stored in "Apache User Log". It works on both - HTTP and HTTPS ports. Contact: ======== Jakub[dot]Palaczynski[at]gmail[dot]com


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top