WEMS Enterprise Manager 2.58 Cross Site Scripting

2020.01.05
Credit: LiquidWorm
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

WEMS Enterprise Manager 2.58 (email) Reflected XSS Vendor: WEMS Limited Product web page: https://www.wems.co.uk Affected version: 2.58.8903 2.55.8806 2.55.8782 2.19.7959 Summary: WEMS Enterprise Manager is a centralised management and monitoring system for many WEMS equipped sites. It retrieves and stores data to enable energy analysis at an enterprise wide level. It is designed to give global visibility of the key areas that affect a buildings' environmental and energy performance using site data collected via WEMS Site Managers or Niagara compatible hardware. Desc: Input passed to the GET parameter 'email' is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML code in a user's browser session in context of an affected site. Tested on: Linux PHP Vulnerability discovered by Gjoko 'LiquidWorm' Krstic @zeroscience Advisory ID: ZSL-2019-5551 Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5551.php 06.07.2019 -- https://192.168.1.244/guest/users/forgotten?email="><script>confirm(251)</script>


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2022, cxsecurity.com

 

Back to Top