header-logo
Suggest Exploit
vendor:
Openfiler
by:
Dolev Farhi
8,8
CVSS
HIGH
Persistent Cross Site Scripting
79
CWE
Product Name: Openfiler
Affected Version From: 2.99.1
Affected Version To: 2.99.1
Patch Exists: YES
Related CWE: N/A
CPE: a:openfiler:openfiler
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2014

Multiple persistent XSS in Openfiler

Multiple Persistent Cross Site Scripting vulnerabilities were discovered in Openfiler. An attacker can inject malicious JavaScript code into the NAC name field or the Logical Volume description field, which will be reflected in the application. This can be used to steal cookies and other sensitive information from the user's browser.

Mitigation:

Openfiler should validate user input to prevent malicious code from being injected into the application.
Source

Exploit-DB raw data:

# Exploit Title: Multiple persistent XSS in Openfiler

# Exploit author: Dolev Farhi @f1nhack

# Date 07/05/2014

# Vendor homepage: http://www.openfiler.com

# Affected Software version: 2.99.1

# Alerted vendor: 7.5.14


Software Description
=====================
Openfiler is a network storage operating system. With the features we built into Openfiler, you can take advantage of file-based Network Attached Storage and block-based 
Storage Area Networking functionality in a single cohesive framework.



Vulnerability Description
=========================
Multiple Persistent Cross Site Scripting 



Steps to reproduce / PoC:
=========================
1.1. Login to Openfiler dashboard.

1.2. Under system tab -> Network Access Configuration create a new NAC

1.3. Name the NAC <script>alert(document.cookie);</script>

1.4. Navigate to another tab.

1.5. Navigate back to System tab

1.6. the XSS reflects to the window.



2.1. Create a new Volume Group.

2.2. Create a new Logical Volume with any name you want.

2.3. in the Description, enter </script>alert("XSS")</script>

2.4. Click OK.

2.5. Navigate to "Shares" tab -> XSS

2.6. Navigate to "Snapshot Shares" -> XSS

2.7. Navigate to "Existing shares" -> XSS

2.8. Navigate to "Quota" -> XSS





  <-> PoC Video: https://www.youtube.com/watch?v=CLG5iS3qU-M&feature=youtu.be

Navigation

Suggest Exploit

Services By CQR