NASLDB: Apache Struts struts2-rest-showcase orders clientName Parameter Persistent XSS
General
ID: 60095
Name: Apache Struts struts2-rest-showcase orders clientName Parameter Persistent XSS
Summary: Tries to exploit an XSS flaw in Struts2-rest-showcase
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSS Temporal Vector: CVSS2#E:F/RL:U/RC:ND
Port: 80
Family: CGI abuses : XSS
Type: Remote
Description
The remote web server hosts Struts2-rest-showcase, a demonstration
application for the Struts2 framework. Input passed via the
‘clientName’ parameter to the ‘orders’ page is not properly sanitized,
which can allow for arbitrary HTML and script code to be loaded onto
the system that is executed when a user visits the ‘orders’ page.
Exploiting
Exploit Available: True
Exploitability Ease: Exploits are available
Sources
CVE: CVE-2012-1006
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: 2012/02/01
Patch Release: –
Plugin Release: 2012/07/23
Plugin
Version: 1.2
Filename: struts_rest_showcase_xss.nasl
Filesize: 4990 bytes
MD5 Hash: 558b5ac741f8476197881c9126d6106e
Identification: –
Require Keys: –
Dependencies: "http_version.nasl"
Copyright: This script is Copyright© 2012 Tenable Network Security, Inc.
- Letzte Plugins
- USN-1611-1 : thunderbird vulnerabilities
- USN-1610-1 : linux vulnerability
- USN-1609-1 : linux-ti-omap4 vulnerability
- SuSE 10 Security Update : PostgreSQL
- RHSA-2012-1364: bind97
- RHSA-2012-1363: bind
- RHSA-2012-1362: thunderbird
- RHSA-2012-1361: xulrunner
- Mandriva Linux Security Advisory : graphicsmagick
- FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack