ViewVC viewvc.cgi search Parameter XSS

low Nessus Plugin ID 45406

Synopsis

The remote web server hosts a web application that is vulnerable to a cross-site scripting attack.

Description

The remote web server is hosting a version of ViewVC that is affected by a cross-site scripting vulnerability in the 'search' parameter of the 'viewvc.cgi' script.

An attacker, exploiting this flaw, could execute arbitrary script code in a user's browser.

Note that successful exploitation requires the regular expression search functionality to be enabled. It is not by default.

Solution

Upgrade to ViewVC 1.1.5 / 1.0.11 or later.

See Also

https://secuniaresearch.flexerasoftware.com/secunia_research/2010-26/

http://www.nessus.org/u?70307efb

http://www.nessus.org/u?c30a4650

Plugin Details

Severity: Low

ID: 45406

File Name: viewvc_search_xss.nasl

Version: 1.12

Type: remote

Published: 4/2/2010

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.0

CVSS v2

Risk Factor: Low

Base Score: 2.6

Temporal Score: 2.3

Vector: CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: cpe:/a:viewvc:viewvc

Required KB Items: www/viewvc

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Patch Publication Date: 3/29/2010

Vulnerability Publication Date: 3/30/2010

Reference Information

CVE: CVE-2010-0132

BID: 39053

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990

SECUNIA: 38918