Apache Struts struts-cookbook processSimple.do message Parameter XSS

medium Nessus Plugin ID 60093

Synopsis

A remote web application is vulnerable to a cross-site scripting attack.

Description

The remote web server hosts struts-cookbook, a demonstration application for the Struts framework. Input passed via the 'message' parameter to the 'processSimple.do' page is not properly sanitized before it is used to generate dynamic HTML.

By tricking someone into clicking on a specially crafted link, an attacker may be able to exploit this to inject arbitrary HTML and script code into a user's browser, where it executes within the security context of the affected site.

Solution

Remove or restrict access to the struts-cookbook application.

See Also

http://secpod.org/blog/?p=450

http://www.nessus.org/u?d16eaf1b

Plugin Details

Severity: Medium

ID: 60093

File Name: struts_cookbook_xss.nasl

Version: 1.11

Type: remote

Published: 7/23/2012

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.8

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: cpe:/a:apache:struts

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 2/1/2012

Reference Information

CVE: CVE-2012-1007

BID: 51900

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990