Astaro Security Gateway HTML-injection Vulnerability

vendor:

Security Gateway

by:

SecurityFocus

7,5

CVSS

HIGH

HTML-injection

CWE

Product Name: Security Gateway

Affected Version From: Astaro Security Gateway 8.1

Affected Version To: Astaro Security Gateway 8.1

Patch Exists: YES

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2012

Astaro Security Gateway HTML-injection Vulnerability

Astaro Security Gateway is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would run in the context of the affected website, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user.

Mitigation:

Input validation should be used to ensure that untrusted data is not used to generate web pages.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/51301/info

Astaro Security Gateway is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content.

Attacker-supplied HTML and script code would run in the context of the affected website, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user.

Astaro Security Gateway 8.1 is vulnerable; other versions may also be affected. 

<div style="left: 300px; top: 220px; z-index: 2000; visibility: visible;" class="iPopUp" id="iPopup_2"><div 

class="iPopUpTitle">Please confirm:</div><div class="iPopUpText"><p>&#8203;&#8203;&#8203;&#8203;&#8203;Are you sure 
that you want to delete the X509 certificate 

with private key object '>"<INCLUDED PERSISTENT SCRIPTCODE HERE!!!">'?</p></iframe></p></div><table border="0" 

cellpadding="0" cellspacing="0"><tbody><tr><td style="padding: 2px;"><div id="btnDefault_iPopup_2" class="button" 
style="width: 

auto; cursor: pointer; color: black; font-weight: bold;"><div class="button_left"></div><div class="button_center" 
style="width: 

auto;"><span style="font-weight: normal;">OK</span></div><div 
class="button_right"></div></div></td>&#8203;&#8203;&#8203;&#8203;&#8203;<td style="padding: 

2px;"><div class="button" style="width: auto; cursor: pointer; color: black;"><div class="button_left"></div><div 

class="button_center" style="width: auto;"><span style="font-weight: normal;">Cancel</span></div><div 

class="button_right"></div></div></td></tr></tbody></table></div>

        ../index.dat