Ektron CMS400.NET id Parameter XSS

medium Nessus Plugin ID 41607

Synopsis

The remote web server contains a .NET application that is affected by a cross-site scripting vulnerability.

Description

The remote web server is hosting the Ektron CMS400.NET content management system. The installed version fails to properly sanitize user-supplied input to the 'id' parameter of the 'ekformsiframe.aspx script. An attacker, exploiting this flaw, could execute arbitrary script code in the browser of unsuspecting users.

Note that the 'css', 'eca', and 'skin' parameters are also reportedly affected, though Nessus has not checked for these.

Solution

Unknown at this time.

Plugin Details

Severity: Medium

ID: 41607

File Name: ektron_cms400_xss.nasl

Version: 1.15

Type: remote

Published: 9/24/2009

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.0

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: cpe:/a:ektron:cms4000.net

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Exploited by Nessus: true

Vulnerability Publication Date: 9/4/2009

Reference Information

CVE: CVE-2009-4473

BID: 36279

CWE: 79

SECUNIA: 36591