Packet Storm advisory PACKETSTORM:129755 (Jing Wang, Dec 29, 2014)

Ex Libris Patron Directory Services 2.1 Cross Site Scripting

2014-12-29 00:00:00
Jing Wang
packetstormsecurity.com

EPSS: 0.001 (Low), Percentile: 49.9%

*CVE-2014-7293 Ex Libris Patron Directory Services (PDS) XSS (Cross-Site Scripting) Security Vulnerability*
  
Exploit Title: Ex Libris Patron Directory Services (PDS) Logon Page url Parameter XSS
Product: Ex Libris Patron Directory Services (PDS)  
Vendor: Ex Libris  
Vulnerable Versions: 2.1 and probably prior
Tested Version: 2.1  
Advisory Publication: DEC 29, 2014  
Latest Update: DEC 29, 2014  
Vulnerability Type: Cross-Site Scripting [CWE-79]  
CVE Reference: CVE-2014-7293  
Risk Level: Medium  
CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)  
Credit: Wang Jing [CCRG, Nanyang Technological University (NTU), Singapore]  
  
*Advisory Details:*  
  
  
*(1) Vendor URL:*  
http://www.exlibrisgroup.org/display/CrossProductCC/PDS+OpenSSO+Integration  
  
  
*Product Description:*  
  
“Ex Libris is a leading worldwide developer and provider of  
high-performance applications for libraries, information centres, and  
researchers.”  
  
The Patron Directory Services (PDS) module provides a seamless single sign-on (SSO) environment for all Ex Libris products, such as Aleph, Metalib, Primo, DigiTool, Rosetta …
  
It is one of the largest library management systems and is used by a large number of universities and institutions.
  
*(2) Vulnerability Details:*  
  
Patron Directory Services (PDS) is vulnerable to XSS attacks.
  
  
*(2.1)* The vulnerability occurs on the PDS service's logon page, in the “&url” parameter.
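
As an added example (not Ex Libris code; the advisory does not show the PDS logon page's own implementation), the following Python shows the two controls a maintainer would apply to a reflected `url` return parameter like the one reported above: validate it as a return URL against an allow-list of hosts (the host names here are hypothetical) and HTML-escape it when writing it back into the logon form.

```python
"""Defensive handling of a reflected 'url' parameter on an SSO logon page.

Added example, not Ex Libris code. A logon page that echoes its '&url'
return parameter into HTML must (1) only accept values that are valid
return targets and (2) encode the value for the HTML attribute context.
"""
import html
from urllib.parse import urlsplit, parse_qs

# Hypothetical allow-list of hosts the SSO flow is permitted to return to.
ALLOWED_RETURN_HOSTS = {"library.example.edu", "primo.example.edu"}


def is_safe_return_url(url: str) -> bool:
    """Accept only site-relative paths or http(s) URLs on allow-listed hosts."""
    parts = urlsplit(url)
    if parts.scheme == "" and parts.netloc == "":
        # Relative path: must start with a single "/" (so "//evil.example"
        # is rejected) and must not contain backslashes, which some browsers
        # treat as "/" and which would otherwise slip past the "//" check.
        return url.startswith("/") and not url.startswith("//") and "\\" not in url
    # Absolute URL: scheme must be http(s) (rejects javascript:, data:, ...)
    # and the host must be one we explicitly trust.
    return parts.scheme in ("http", "https") and parts.netloc.lower() in ALLOWED_RETURN_HOSTS


def render_hidden_field(url: str) -> str:
    """Reflect the return URL into the logon form only after validation and escaping."""
    if not is_safe_return_url(url):
        url = "/"  # neutral default instead of echoing untrusted input
    # quote=True also encodes '"' and "'", which is what closes an attribute value.
    return '<input type="hidden" name="url" value="%s">' % html.escape(url, quote=True)


def extract_url_param(query_string: str) -> str:
    """Return the first 'url' value from a raw query string, or '' if absent."""
    return parse_qs(query_string, keep_blank_values=True).get("url", [""])[0]


if __name__ == "__main__":
    # Constructed sample query strings: one benign, one carrying markup.
    for qs in ("url=%2Fcatalog%3Fq%3Da%26b%3D2", 'url=%22%3E%3Cscript%3Ealert(1)%3C%2Fscript%3E'):
        print(render_hidden_field(extract_url_param(qs)))
```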
  
*References:*  
http://tetraph.com/security/cves/cve-2014-7293-ex-libris-patron-directory-services-pds-xss-cross-site-scripting-security-vulnerability/  
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7293  
  
--  
Wang Jing  
School of Physical and Mathematical Sciences (SPMS)  
Nanyang Technological University (NTU), Singapore  
  
