NethServer 7.3.1611 (Upload.json) CSRF Script Insertion Vulnerability
Advisory ID: ZSL-2017-5432
Type: Local/Remote
Impact: Cross-Site Scripting
Risk: (3/5)
Release Date: 29.08.2017
Summary
NethServer is an operating system for the Linux enthusiast, designed for small offices and medium enterprises. It's simple, secure and flexible.
Description
NethServer suffers from an authenticated stored XSS vulnerability. Input passed to the 'BackupConfig[Upload][Description]' POST parameter is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
Vendor
NethServer.org - https://www.nethserver.org
Affected Version
7.3.1611-u1-x86_64
Tested On
Kernel 3.10.0-514.el7.x86_64 on an x86_64
CentOS Linux 7.3.1611 (Core)
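The bug class described above, as an added example that is neither NethServer/Nethgui code nor the advisory's PoC (nethserver_xss.txt): a description arriving as a PHP-style bracketed POST parameter to a JSON-returning upload endpoint is stored as sent and later interpolated into HTML without output encoding, next to the hardened form. The title's CSRF angle is modelled as well, since nothing in the vulnerable handler ties the POST to the victim's session. The handler and function names, the `csrf_token` field and the canary string are assumptions for illustration; the only identifier taken from the advisory is the parameter name.

```python
"""Added example, not NethServer/Nethgui code and not the advisory's PoC.
Models the bug class the advisory describes (stored XSS via an unencoded
upload description) and the CSRF angle from the title. Handler and function
names are assumptions for illustration; the only identifier taken from the
advisory is the parameter name."""
import hmac
import html
from urllib.parse import parse_qsl, urlencode

PARAM = "BackupConfig[Upload][Description]"  # parameter named in the advisory


def parse_bracket_params(body: str) -> dict:
    """Parse PHP-style keys such as a[b][c]=v into nested dicts, which is the
    shape in which the parameter above reaches a PHP backend."""
    out: dict = {}
    for key, value in parse_qsl(body, keep_blank_values=True):
        parts = key.replace("]", "").split("[")
        node = out
        for part in parts[:-1]:
            node = node.setdefault(part, {})
        node[parts[-1]] = value
    return out


def build_body(description: str, token: str = "") -> str:
    """Constructed request body for the examples below (not the advisory's PoC)."""
    fields = {PARAM: description}
    if token:
        fields["csrf_token"] = token  # assumed field name
    return urlencode(fields)


def upload_vulnerable(body: str, store: list) -> dict:
    """Vulnerable shape: no anti-CSRF check; the description is stored as sent."""
    params = parse_bracket_params(body)
    store.append(params["BackupConfig"]["Upload"]["Description"])
    return {"ok": True}


def upload_hardened(body: str, session_token: str, store: list) -> dict:
    """Hardened shape: the POST must carry the session's anti-CSRF token,
    compared in constant time. Storing the raw string is fine; the XSS fix
    belongs at render time, where the output context is known."""
    params = parse_bracket_params(body)
    if not hmac.compare_digest(params.get("csrf_token", ""), session_token):
        return {"ok": False, "error": "missing or invalid CSRF token"}
    store.append(params["BackupConfig"]["Upload"]["Description"])
    return {"ok": True}


def render_vulnerable(store: list) -> str:
    """Interpolates each stored description into the page untouched."""
    return "<ul>" + "".join(f"<li>{d}</li>" for d in store) + "</ul>"


def render_hardened(store: list) -> str:
    """Entity-encodes for an HTML text-node context, so markup characters in
    the description are displayed rather than parsed."""
    return "<ul>" + "".join(f"<li>{html.escape(d, quote=True)}</li>" for d in store) + "</ul>"


def reflects_unescaped(page: str, canary: str) -> bool:
    """Tester's check: did a canary containing <, > and " come back as live markup?"""
    return canary in page


if __name__ == "__main__":
    canary = '<zsl-canary onx="1">'  # constructed marker, not an exploit payload
    store: list = []
    upload_vulnerable(build_body(canary), store)
    print("vulnerable render reflects canary:",
          reflects_unescaped(render_vulnerable(store), canary))
    print("hardened render reflects canary:",
          reflects_unescaped(render_hardened(store), canary))
    print("forged POST without token accepted:",
          upload_hardened(build_body(canary), "session-secret", [])["ok"])
```

The canary deliberately carries `<`, `>` and `"` so that one check covers both the text-node and attribute contexts; if a real test against the endpoint returns the canary byte-for-byte in a later page, the value is being emitted without output encoding. The token check is the CSRF half of the fix and does not replace output encoding, which is the XSS half.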
Vendor Status
N/A
PoC
nethserver_xss.txt
Credits
Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>
References
[1] https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5433.php
[2] https://cxsecurity.com/issue/WLB-2017080191
[3] https://packetstormsecurity.com/files/143943
[4] https://www.exploit-db.com/exploits/42579/
[5] https://exchange.xforce.ibmcloud.com/vulnerabilities/131087
Changelog
[29.08.2017] - Initial release
[31.08.2017] - Added reference [5]
Contact
Zero Science Lab
Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk