header-logo
Suggest Exploit
vendor:
ViewCVS
by:
SecurityFocus
7.5
CVSS
HIGH
Cross-Site Scripting
79
CWE
Product Name: ViewCVS
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

ViewCVS Cross-Site Scripting Vulnerability

ViewCVS does not filter HTML tags from certain URL parameters, making it prone to cross-site scripting attacks. An attacker may exploit this by constructing a malicious link with script code to a site running ViewCVS and sending it to a legitimate user of the site. When the legitimate user follows the link, the attacker's script code is executed in their web client in the security context of the website running ViewCVS.

Mitigation:

Input validation should be used to ensure that user-supplied data is not used to generate malicious HTML or script code.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/4818/info

ViewCVS does not filter HTML tags from certain URL parameters, making it prone to cross-site scripting attacks.

An attacker may exploit this by constructing a malicious link with script code to a site running ViewCVS and sending it to a legitimate user of the site. When the legitimate user follows the link, the attacker's script code is executed in their web client in the security context of the website running ViewCVS. 

http://target/cgi-bin/viewcvs.cgi/viewcvs/?cvsroot=<script>alert("hello")</script>

http://target/cgi-bin/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev"><script>alert("hello")</script>

Navigation

Suggest Exploit

Services By CQR