cPanel bwday.html Multiple Variable XSS

2004-06-12T09:39:00
ID OSVDB:6944
Type osvdb
Reporter OSVDB
Modified 2004-06-12T09:39:00

Description

Vulnerability Description

cPanel contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate multiple variables upon submission to the bwday.html script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

cPanel contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate multiple variables upon submission to the bwday.html script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Manual Testing Notes

http://[victim]/frontend/x/stats/bwday.html?month=<script>alert('Vulnerable')</script>&year=2004&domain=[DOMAIN]&target=[USER_ID]&subd=&day=5

http://[victim]/frontend/x/stats/bwday.html?month=6&year=<script>alert('Vulnerable')</script>&domain=[DOMAIN]&target=[USER_ID]&subd=&day=5

http://[victim]/frontend/x/stats/bwday.html?month=6&year=2004&domain=<script>alert('Vulnerable')</script>&target=[USER_ID]&subd=&day=5

http://[victim]/frontend/x/stats/bwday.html?month=6&year=2004&domain=[DOMAIN]&target=[USER_ID]&subd=&day=<script>alert('Vulnerable')</script>

References:

Related OSVDB ID: 6946 Related OSVDB ID: 6945