SearchBlox 8.2 XSS Vulnerabilit
Reporter | Title | Published | Views | Family All 8 |
---|---|---|---|---|
htbridge | Reflected Cross-Site Scripting (XSS) in SearchBlox | 22 Apr 201500:00 | – | htbridge |
NVD | CVE-2015-3422 | 18 Jun 201518:59 | – | nvd |
Packet Storm | SearchBlox 8.2 Cross Site Scripting | 17 Jun 201500:00 | – | packetstorm |
Cvelist | CVE-2015-3422 | 18 Jun 201518:00 | – | cvelist |
Prion | Cross site scripting | 18 Jun 201518:59 | – | prion |
securityvulns | Reflected Cross-Site Scripting (XSS) in SearchBlox | 21 Jun 201500:00 | – | securityvulns |
securityvulns | Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | 21 Jun 201500:00 | – | securityvulns |
CVE | CVE-2015-3422 | 18 Jun 201518:59 | – | cve |
Vendor: SearchBlox Software, Inc.
Vulnerable Version(s): 8.2 and probably prior
Tested Version: 8.2
Advisory Publication: April 22, 2015 [without technical details]
Vendor Notification: April 22, 2015
Vendor Patch: May 26, 2015
Public Disclosure: June 17, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2015-3422
Risk Level: Low
CVSSv2 Base Score: 2.6 (AV:N/AC:H/Au:N/C:N/I:P/A:N)
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab ( https://www.htbridge.com/advisory/ )
-----------------------------------------------------------------------------------------------
Advisory Details:
High-Tech Bridge Security Research Lab discovered XSS vulnerability in SearchBlox, which can be exploited to perform Cross-Site Scripting attacks against the vulnerable web application administrators.
Input passed via the "menu2" HTTP GET parameter to "/searchblox/admin/main.jsp" script is not properly sanitised before being returned to the user. A remote attacker can trick a logged-in administrator to open a specially crafted link and execute arbitrary HTML and scripting code in his browser in context of the vulnerable website.
A simple XSS exploit below uses the "alert()" JS function to display a box with "ImmuniWeb" word:
http://[host]/searchblox/admin/main.jsp?menu1=adm&menu2=%22%3E%3Cscript%3Ealert%28%27ImmuniWeb%27%29;%3C/script%3E
-----------------------------------------------------------------------------------------------
Solution:
Update to SearchBlox 8.2.1
# 0day.today [2018-04-12] #
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo