Vulners
Lucene search
SAP HANA 4 Cross Site Scripting
🗓️ 13 Jan 2016 00:00:00Reported by Shahmeer BalochType 
packetstorm🔗 packetstormsecurity.com👁 19 Views
`SAP Hana Cloud Platform Cockpit Cross site Scripting Vulnerabilities
========================================================================
Vender:
SAP
Product:
SAP HANA CLoud
Vulnerability Type:
Cross site scripting
Title:
SAP Hana Cloud Cross scripting in User Display Name
Details:
SAP Hana cloud allows any user with the least privileges to input arbitrary client side JS code into the Display Name parameter. Victim intervention is not required for the successful as the code is stored and execute in the browser upon viewing the victim's profile.
Note: All webpages of the domain are affected
Vulnerable Parameter:
SAP Hana Cloud User Account Display Name "Display Name"
Method:
POST
Exploit Code:
https://localhost/a/cockpit#/acc/[account-id]/accountmanagement
Post data
<name="Display Name" value="007"><img src=x onerror=prompt(document.cookie);>
Impact:
Since there is no requirement of Victim intervention, Session ID and data theft may follow as well as possibility to
bypass CSRF protections, injection of iframes to establish communication channels etc.
Severity Level:
Critical
------------------------------------------------------------------------
Vender:
SAP
Product:
SAP HANA CLoud
Vulnerability Type:
Cross site scripting
Title:
SAP Hana Cloud Cross site scripting in HTML5 Application Name
Details:
SAP Hana cloud allows users to input arbitrary client side JS code into the HTML5 Application Name parameter. Victim intervention is not required for the successful as the code is stored and execute in the browser upon user edition of the HTML5 application
Vulnerable Parameter:
SAP Hana Cloud HTML5 Application Name "Application Name"
Method:
POST
Exploit Code:
https://localhost/a/cockpit#/acc/[account-id]/hcproxy
Post data
<name="Application Name" value="007"><img src=x onerror=prompt(document.cookie);>
Impact:
Since there is no requirement of Victim intervention, Session ID and data theft may follow as well as possibility to
bypass CSRF protections, injection of iframes to establish communication channels etc.
Severity Level:
Critical
------------------------------------------------------------------------
Vender:
SAP
Product:
SAP HANA CLoud
Vulnerability Type:
Cross site scripting
Title:
SAP Hana Cloud Cross scripting in Database Repository Name
Details:
SAP Hana cloud allows users to input arbitrary client side JS code into the Database Repository Name parameter. Victim intervention is not required for the successful as the code is stored and execute in the browser upon user edition of the Database Repo application
Vulnerable Parameter:
SAP Hana Cloud HTML5 Database Repository Name "Display Name"
Method:
POST
Exploit Code:
https://localhost/a/cockpit#/acc/[account-id]/repositories/[repository-name]/ecmrepositorysettings
Post data
<name="Display Name" value="007"><img src=x onerror=prompt(document.cookie);>
Impact:
Since there is no requirement of Victim intervention, Session ID and data theft may follow as well as possibility to
bypass CSRF protections, injection of iframes to establish communication channels etc.
Severity Level:
Critical
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
13 Jan 2016 00:00Current