Navy Federal Cross Site Scripting

2020.09.19
Credit: Arthrocyber
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

Vendor ------------------------------------------------- Navy Federal - (https://www.navyfederal.org/ Product ------------------------------------------------- Front pubic facing application Credit ------------------------------------------------- Arthrocyber http://arthrocyber.com/research/#finding_7 David Reyes Vulnerability Summary ------------------------------------------------- The endpoint sdu.navyfederal.org/__85258014004953a3.nsf/secureUploadMain did not sanitize HTML characters. It was possible to pass HTML code which triggered an XSS. Technical Details ------------------------------------------------- The parameter "type" failed to properly sanitize HTML characters resulting in reflective XSS. https://sdu.navyfederal.org/__85258014004953a3.nsf/secureUploadMain?OpenForm&Seq=1&Type=%22%3E%3Cscript%3Ealert(%225-2-17--Reflective-Arthrocyber-XSS%22)%3C/script%3E https://sdu.navyfederal.org/__85258014004953a3.nsf/secureUploadMain?OpenForm&Seq=1&Type=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E Solution ------------------------------------------------- Reference OWASP top 10. https://owasp.org/www-community/attacks/xss/ Timeline ------------------------------------------------- 07 May 2019 - Adaptive Security Consulting discovered a series of vulnerabilities in medical records management and search applications being considered by our client September 2020 - Endpoint no longer appears to be vulnerable to XSS. Juan Avila Arthrocyber, LLC Cell (682)238-7188


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2020, cxsecurity.com

 

Back to Top