Lucene search

K
nessusThis script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.LIFERAY_7_4_3_53_CVE-2023-39941.NASL
HistoryMay 26, 2023 - 12:00 a.m.

Liferay Portal 7.4.3.41 <= 7.4.3.52 Reflected XSS

2023-05-2600:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
liferay portal
reflected xss
oauth 2.0
remote attackers
injection
arbitrary
html
vulnerability
upgrade

0.001 Low

EPSS

Percentile

30.2%

Multiple cross-site scripting (XSS) vulnerabilities in the Plugin for OAuth 2.0 module’s OAuth2ProviderApplicationRedirect class in Liferay Portal allow remote attackers to inject arbitrary web script or HTML via the (1) code, or (2) error parameter.

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(176413);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/06/22");

  script_cve_id("CVE-2023-33941");
  script_xref(name:"IAVA", value:"2023-A-0267-S");

  script_name(english:"Liferay Portal 7.4.3.41 <= 7.4.3.52 Reflected XSS");

  script_set_attribute(attribute:"synopsis", value:
"An application running on a remote web server host is affected by a cross-site scripting vulnerability.");
  script_set_attribute(attribute:"description", value:
"Multiple cross-site scripting (XSS) vulnerabilities in the Plugin for OAuth 2.0 module's 
OAuth2ProviderApplicationRedirect class in Liferay Portal allow remote attackers to inject arbitrary web script or 
HTML via the (1) code, or (2) error parameter.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  # https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-33941?_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt_assetEntryId=121810594&_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt_redirect=https%3A%2F%2Fliferay.dev%3A443%2Fportal%2Fsecurity%2Fknown-vulnerabilities%3Fp_p_id%3Dcom_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt%26p_p_lifecycle%3D0%26p_p_state%3Dnormal%26p_p_mode%3Dview%26_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt_assetEntryId%3D121810594%26_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt_cur%3D0%26p_r_p_resetCur%3Dfalse
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?42303b39");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Liferay Portal 7.4.3.53 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-33941");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/05/24");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/05/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/05/26");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:liferay:liferay_portal");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CGI abuses");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("liferay_detect.nasl");
  script_require_keys("installed_sw/liferay_portal");
  script_require_ports("Services/www", 8080);

  exit(0);
}
include('http.inc');
include('vcf.inc');

var port = get_http_port(default:8080);
var app_info = vcf::get_app_info(app:'liferay_portal', webapp:TRUE, port:port);

var constraints = [
  { 'min_version':'7.4.3.41', 'fixed_version':'7.4.3.53' }
];

vcf::check_version_and_report(
  app_info:app_info, 
  constraints:constraints,
  severity:SECURITY_WARNING,
  flags:{'xss':TRUE} 
);
VendorProductVersionCPE
liferayliferay_portalcpe:/a:liferay:liferay_portal

0.001 Low

EPSS

Percentile

30.2%

Related for LIFERAY_7_4_3_53_CVE-2023-39941.NASL