SAP BusinessObjects viewError.jsp 'error' Parameter XSS

medium Nessus Plugin ID 44343

Synopsis

A web application on the remote host has a cross-site scripting vulnerability.

Description

The version of SAP BusinessObjects installed on the remote web server has a cross-site scripting vulnerability. Input passed to the 'error' parameter of '/PerformanceManagement/jsp/viewError.jsp' is not properly sanitized.

A remote attacker could exploit this by tricking a user into requesting a specially crafted URL, resulting in the execution of arbitrary script code.

This version of BusinessObjects reportedly has several other vulnerabilities, though Nessus has not checked for those issues.

Solution

Contact the vendor for a fix.

See Also

http://www.nessus.org/u?c9cfae68

https://seclists.org/fulldisclosure/2010/Jan/572

Plugin Details

Severity: Medium

ID: 44343

File Name: sap_bobj_viewerror_xss.nasl

Version: 1.13

Type: remote

Published: 2/1/2010

Updated: 1/19/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: cpe:/a:sap:businessobjects

Required KB Items: www/sap_bobj

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 1/18/2010

Reference Information

BID: 37900, 37972

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990

Secunia: 38217