Fotoware Fotoweb 8.0 Cross Site Scripting

29 Jul 2016 00:00:00 | Reported by Miguel A. Hernandez | Type: packetstorm | Source: packetstormsecurity.com

Fotoware Fotoweb 8.0 Cross Site Scripting vulnerability in a login page parameter.

Code
```
##############################################################   
  
- S21Sec Advisory -   
- S21SEC-047-en.txt -  
  
##############################################################   
  
Title: Fotoware Fotoweb 8.0 Cross Site Scripting (XSS)   
ID: S21sec-047-en   
Severity: Low   
History: May.2016 Vulnerability discovered   
June.2016 Vendor contacted   
July.2016 Vendor patch acknowledged.  
Scope: Cross Site Scripting XSS   
Platforms: Any   
Author: Miguel A. Hernandez / Departamento Auditoria S21sec.  
  
Release: Public   
  
  
[ SUMMARY ]   
  
Fotoweb is an enterprise grade Digital Asset Management System (DMS).  
A DMS provides a central repository of pictures and media files.   
  
Unfiltered user-supplied data leads to a reflected XSS vulnerability.  
This allows an attacker to execute arbitrary JavaScript in the context of the  
browser of a victim if the victim clicks on an attacker supplied link or visits  
an attacker controlled website.  
  
[ AFFECTED VERSIONS ]   
  
This vulnerability has been tested and found working on version 8.0.715.5753  
  
  
[ DESCRIPTION ]   
  
Insufficient input validation allows JavaScript code injection through the   
parameter 'to' of the login page. Example:   
  
http://fotowebserver/fotoweb/views/login?to=/fotoweb/%22;}%20else%20{%20alert%28%22S21sec%20XSS%22%29;%20}%20if%20%28inIframe%28%29%29%20{%20var%20relleno=%22  
  
  
[ WORKAROUND ]   
  
The reported vulnerability has been reviewed by Fotoware development team.  
This issue is addressed in FotoWeb 8 Feature Release 8.   
  
[ ACKNOWLEDGMENTS ]   
  
This vulnerability has been found and researched by:   
  
- Miguel A. Hernandez [ Departamento de Auditoria S21sec ]  
  
We would like to acknowledge the assistance of Fotoware:   
  
- John Fredrik Engeland [ Fotoware Support Manager ]  
  
[ REFERENCES ]   
  
* Fotoware   
http://fotoware.com  
  
* S21sec   
http://www.s21sec.com   
  
* S21sec Blog   
http://blog.s21sec.com   
  
```
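The example URL in the DESCRIPTION section shows the shape of the flaw: the `to` parameter is reflected into a JavaScript string literal inside an inline script, and the payload's leading `";}` closes both the literal and the surrounding block, so the rest of the parameter is parsed as code. Below is an added example, not code from the S21sec advisory or from Fotoware's product, that reproduces that unsafe rendering pattern beside a hardened form. The template shape `if (inIframe()) { var relleno="…"; }` is an assumption reconstructed from the payload; the function names `renderScriptUnsafe`, `renderScriptSafe`, `jsStringLiteral`, `isSafeLocalPath` and `recoverLiteral` are chosen for this example.

```javascript
// Added example (not from the S21sec advisory or Fotoware): a redirect parameter
// reflected into an inline <script>, in the unsafe form the advisory's payload
// targets and in a hardened form. The template `if (inIframe()) { var relleno="…"; }`
// is an assumption reconstructed from the payload; all names here are chosen for
// this example.

// Decoded form of the advisory's 'to' parameter, embedded here as test input.
const ADVISORY_PAYLOAD =
  '/fotoweb/";} else { alert("S21sec XSS"); } if (inIframe()) { var relleno="';

// Vulnerable pattern: raw concatenation into a JavaScript string literal. The
// payload's leading ";} closes the literal and the block, so everything after it
// is parsed as script rather than as data.
function renderScriptUnsafe(to) {
  return '<script>if (inIframe()) { var relleno="' + to + '"; }</script>';
}

// Encode a value as a JavaScript string literal that is safe inside an inline
// <script>. JSON.stringify escapes quotes, backslashes and control characters;
// '<' and '>' are escaped in addition so a value containing "</script>" cannot
// end the element early, and U+2028/U+2029 so older engines do not treat them as
// line terminators inside the literal.
function jsStringLiteral(value) {
  return JSON.stringify(String(value))
    .replace(/</g, '\\u003c')
    .replace(/>/g, '\\u003e')
    .replace(/\u2028/g, '\\u2028')
    .replace(/\u2029/g, '\\u2029');
}

// Accept only an absolute path on this origin as a post-login redirect target.
// This is independent of the output encoding: encoding stops script injection,
// the allow-list stops the parameter being used as an open redirect.
function isSafeLocalPath(to) {
  if (typeof to !== 'string' || to.length === 0 || to.length > 2048) return false;
  if (to[0] !== '/') return false;                               // no scheme, no host
  if (to.startsWith('//') || to.startsWith('/\\')) return false; // protocol-relative URL
  if (/[\u0000-\u001f\u007f]/.test(to)) return false;            // control characters
  return true;
}

// Hardened rendering: validate, fall back to a fixed default, then encode.
function renderScriptSafe(to, fallback = '/fotoweb/') {
  const target = isSafeLocalPath(to) ? to : fallback;
  return '<script>if (inIframe()) { var relleno=' + jsStringLiteral(target) + '; }</script>';
}

// Pull the literal back out of the rendered script and parse it as JSON. For the
// unsafe rendering this fails, because injected statements follow the literal;
// for the safe rendering it returns exactly the original parameter value.
function recoverLiteral(html) {
  const m = /var relleno=(.*); }<\/script>$/.exec(html);
  if (!m) return null;
  try {
    return JSON.parse(m[1]);
  } catch (e) {
    return null;
  }
}

console.log(renderScriptUnsafe(ADVISORY_PAYLOAD));
console.log(renderScriptSafe(ADVISORY_PAYLOAD));
```

Note that the advisory's payload passes `isSafeLocalPath` (it is syntactically an absolute path), so the path allow-list alone would not have prevented the issue; the contextual encoding in `jsStringLiteral` is what keeps the value inside the string literal. The two controls address different risks and belong together.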


Vulners AI Score: 7.4 (High risk)