usd-2018-0001 | Starface/6.4.3.34


Advisory ID: usd-2018-0001
CVE Number: N/A
Affected Product: Starface
Affected Version: 6.4.3.34
Vulnerability Type: Reflected XSS
Security Risk: Medium
Vendor Status: Not fixed

Description

Reflected XSS attack (or non-persistent attack) occur when a malicious script is reflected off of a web application to the victim’s browser. The attack is typically delivered via email or a web site and activated through a link, which sends a request to a website with a vulnerability that enables execution of malicious scripts.

Proof of Concept (PoC)

The ‚items‘, ’selected‘ and ‚titleKey‘ parameters of /config/voicebox/display/group.do are vulnerable to XSS.
=> PoC will be published when all issues are fixed.
The ‚items‘, ’selected‘ and ‚titleKey‘ parameters of /config/voicebox/display/user.do are vulnerable to XSS.
=> PoC will be published when all issues are fixed.
The parameters ‚items‘, ‚regex‘, ’selected‘, ‚titleKey‘, ‚width‘ and ‚emptyOption‘ of /template/list.do are vulnerable to XSS.
=> PoC will be published when all issues are fixed.

Fix

Make sure to encode the user supplied input.

Credits

These security vulnerabilities were found by Sebastian Puttkammer of usd AG.