XSS in Canopy login page

[Description]

CheckSec Canopy 3.x before 3.0.7 has stored XSS via the Login Page Disclaimer,

allowing attacks by low-privileged users against higher-privileged users.This

instance of stored cross-site scripting (XSS) vulnerability could

allow any users with administrator rights to inject malicious scripts

to compromise any users that visit the login page.

ENROLL TODAY IN THE DevOps Fundamentals:linux Implementing Continuous Delivery SELF PACED COURSE! $199

[Authors]

Wen Bin Kong (@kongwenbin) & @ryantzj

[CVSSv3 Score] 3.8

[Affected Product Code Base] Canopy – 3.0.0-3.0.6

[Attack Vectors]

If a low privileged user were to enter a Cross-Site Scripting payload

into the Login Page Disclaimer, then when a user with higher

privileges browse the login page, the malicious content would be

executed within the latter’s user context. The malicious payload could

also be configured to perform any application action available to the

authenticated user.

ENROLL IN OUR 95% STUDENT SATISFACTION COURSE, LFD401 – DEVELOPING APPLICATIONS FOR LINUX, AND GET A FREE DELL CHROMEBOOK 11!

Full article:

http://seclists.org/fulldisclosure/2018/Jun/45

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.