Metasploit 4.1.0 Web UI stored XSS vulnerability

2011-10-24T00:00:00
ID SECURITYVULNS:DOC:27192
Type securityvulns
Reporter Securityvulns
Modified 2011-10-24T00:00:00

Description

Advisory: Metasploit 4.1.0 Web UI stored XSS vulnerability
Advisory ID: SSCHADV2011-033
Author: Stefan Schurtz
Affected Software: Successfully tested on Metasploit Community Edition
Vendor URL: http://metasploit.com/
Vendor Status: fixed
EDB-ID: 18012

==========================
Vulnerability Description:
==========================

The "project[name]" parameter of the Metasploit 4.1.0 Web UI is prone to a stored XSS vulnerability.

==================
Technical Details:
==================

Log in to the Web UI -> Create New Project -> Project name -> '"</script><script>alert(document.cookie)</script>
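
Added example (not part of the advisory and not Metasploit's code): a Ruby sketch of why the stored name above executes and which output encoding neutralizes it. It assumes, which the advisory does not state, that the project name is echoed into both HTML text and an inline script string; the template and the helper names are hypothetical.

```ruby
require "erb"
require "json"

# Project name from the advisory's Technical Details, stored verbatim.
PAYLOAD = %q('"</script><script>alert(document.cookie)</script>)

# Hypothetical template, unsafe: the stored name is concatenated as-is.
def render_unsafe(name)
  "<h1>#{name}</h1>\n<script>var project = \"#{name}\";</script>"
end

# HTML text/attribute context: entity-encode & < > " '.
def html_text(name)
  ERB::Util.html_escape(name)
end

# Inline <script> context: emit a JSON string literal, then replace the
# characters the HTML parser reacts to, so "</script>" cannot appear.
def js_string(name)
  name.to_json.gsub(/[<>&\u2028\u2029]/) { |c| format('\u%04x', c.ord) }
end

# Same hypothetical template with context-specific encoding.
def render_safe(name)
  "<h1>#{html_text(name)}</h1>\n" \
    "<script>var project = #{js_string(name)};</script>"
end

# Number of <script> start tags a browser would find in the markup.
def script_tags(html)
  html.scan(/<script\b/i).size
end

if __FILE__ == $PROGRAM_NAME
  puts "unsafe: #{script_tags(render_unsafe(PAYLOAD))} script start tags"
  puts "safe:   #{script_tags(render_safe(PAYLOAD))} script start tag"
  puts render_safe(PAYLOAD)
end
```

HTML escaping alone is not enough for the script context: the leading `'"</script>` closes a quoted string and the enclosing script element, so that context needs the JavaScript-string encoding shown in `js_string`.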

=========
Solution:
=========

http://dev.metasploit.com/redmine/projects/pro/wiki/Release_Notes_400_20111020000001

====================
Disclosure Timeline:
====================

19-Oct-2011 - informed developers
20-Oct-2011 - fixed by vendor
20-Oct-2011 - release date of this security advisory

========
Credits:
========

Vulnerability found and advisory written by Stefan Schurtz.

===========
References:
===========

http://metasploit.com/
http://dev.metasploit.com/redmine/issues/5801
http://www.rul3z.de/advisories/SSCHADV2011-033.txt