# Exploit Title: IBM Virtual Security Operations Center (VSOC) - Cross Site Scripting (XSS)
# Date: August 2, 2018
# Portal Link: https://portal.sec.ibm.com
# Exploit Author: Kushal Jaisingh
# Contact: https://ca.linkedin.com/in/kushaljaisingh
# Category: WebApps, XSS
1. Description
Below are the steps to reproduce the reflected cross site scripting (XSS) vulnerability found in IBM's Virtual Security Operations Center (VSOC) ticketing portal. IBM and clients use the VSOC portal to open tickets related to IBM's security related service offerings such as QRadar and other security appliances.
2. Proof of Concept
Steps to reproduce XSS alert popup:
1.) Goto https://portal.sec.ibm.com
2.) Login
3.) Once logged, locate the search box in the top right hand corner of the page labelled "Search Portal"
4.) Paste the following XSS payload into the search box: '});alert(1);//
5.) Hit enter on your keyboard to search, once the page loads you will be alerted with a XSS window.
3. Explanation:
I noticed search queries were being reflected inside the script tag. So in my XSS payload I began by completing the syntax for the query argument using a single quote followed by a curly bracket. Next, I completed the syntax for the function the query variable fed into using a right parenthesis. Finally, I ended the previous instruction with a semicolon and injected my own JavaScript instruction alert(1); which created the XSS window. I also included a double slash at the end commenting out anything else coming after on the line.
4. Solution:
Never trust any user provided inputs. Always sanitize user provided inputs to prevent cross site scripting.
# 0day.today [2018-04-09] #Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation