header-logo
Suggest Exploit
vendor:
StoryServer
by:
SecurityFocus
7.5
CVSS
HIGH
Cross-Site Scripting
79
CWE
Product Name: StoryServer
Affected Version From: Vignette StoryServer version 4
Affected Version To: Vignette StoryServer version 6
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Vignette software Cross-Site Scripting Vulnerabilities

Vignette software has been reported prone to multiple cross-site scripting vulnerabilities. Reportedly the issue presents itself, because the Vignette software does not sufficiently sanitize HTML characters from user-supplied data. It may be possible for an attacker to supply and execute HTML and script code on a web client in the context of the site hosting the Vignette software. This may allow for theft of cookie-based authentication credentials and other attacks.

Mitigation:

Input validation should be used to ensure that user-supplied data is properly sanitized. Additionally, applications should be configured to use secure authentication mechanisms such as SSL.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/7687/info

Vignette software has been reported prone to multiple cross-site scripting vulnerabilities.

Reportedly the issue presents itself, because the Vignette software does not sufficiently sanitize HTML characters from user-supplied data.

It may be possible for an attacker to supply and execute HTML and script code on a web client in the context of the site hosting the Vignette software. This may allow for theft of cookie-based authentication credentials and other attacks.

This issue was reported for Vignette StoryServer version 4 to version 6; it has been speculated that all current versions are vulnerable. 

https://www.example.com/Page/1,10966,,00.html?var=<script>alert('s21sec')</script>

http://www.example.com/vgn/login?errInfo="%2b%20document.cookie%20%2b"