Orion Application Server Web Examples Multiple XSS

This script is Copyright (C) 2009-2012 Tenable Network Security, Inc.


Synopsis :

The remote web server includes at least one JSP application that is
affected by a cross-site scripting vulnerability.

Description :

The remote web server uses Orion Application Server, an application
server hosted on a Java2 platform.

It currently makes available at least one example JSP application that
fails to sanitize user-supplied input before using it to generate
dynamic HTML output. Specifically, the 'item' parameter of the
'examples/jsp/sessions/carts.jsp' script, the 'fruit' parameter of the
'examples/jsp/checkbox/checkresult.jsp' script, and the 'time'
parameter of the 'examples/jsp/cal/cal2.jsp' script are known to be
affected. An attacker may be able to leverage this to inject
arbitrary HTML and script code into a user's browser to be executed
within the security context of the affected site.
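As an added illustration (not code from Orion, nor part of this plugin), the following Java program contrasts the reflection pattern the description refers to with an output-encoded form. The parameter name 'item' is taken from the description above; the class name, helper names and sample values are constructed for this example.

```java
/**
 * Added example, not Orion's own code. Shows a request parameter such as
 * 'item' being placed into HTML without encoding (the defect class described
 * in this advisory) and the same rendering with HTML entity encoding applied.
 * Run with: java ReflectedParamDemo.java
 */
public class ReflectedParamDemo {

    // Vulnerable pattern: the parameter value is concatenated straight into
    // the HTML response, so any markup in the value becomes part of the page.
    static String renderVulnerable(String item) {
        return "<li>You added: " + item + "</li>";
    }

    // Minimal HTML entity encoder for text placed between tags or inside a
    // quoted attribute. Covers the five characters that can break out of a
    // text node or attribute value.
    static String escapeHtml(String s) {
        StringBuilder out = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '&':  out.append("&amp;");  break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    // Hardened pattern: encode at the point the value enters HTML. In a JSP
    // this is what JSTL's <c:out value="${param.item}"/> does, since c:out
    // escapes XML characters by default; the hand-written encoder above keeps
    // this example free of dependencies.
    static String renderHardened(String item) {
        return "<li>You added: " + escapeHtml(item) + "</li>";
    }

    public static void main(String[] args) {
        // Constructed sample values: an ordinary item and one carrying markup.
        String[] samples = { "apple", "<b>bold</b>" };
        for (String item : samples) {
            System.out.println("vulnerable: " + renderVulnerable(item));
            System.out.println("hardened:   " + renderHardened(item));
        }
    }
}
```

The second sample shows the difference: the vulnerable rendering emits the `<b>` element as live markup, while the hardened rendering emits `&lt;b&gt;bold&lt;/b&gt;` as literal text. Encoding on output is the general fix for reflected parameters; for the Orion examples themselves the advisory's solution of undeploying them removes the exposed scripts altogether.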

See also :

http://archives.neohapsis.com/archives/bugtraq/2009-09/0038.html
http://archives.neohapsis.com/archives/bugtraq/2009-07/0110.html

Solution :

Undeploy the web examples distributed with Orion.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)

Family: CGI abuses : XSS

Nessus Plugin ID: 40985

Bugtraq ID:

CVE ID: