Apache Jackrabbit 'q' Parameter XSS

Medium | Nessus Plugin ID 35452

Synopsis

The remote web server contains a Java web application that is affected by two cross-site scripting vulnerabilities.

Description

The remote host is running Apache Jackrabbit, an open source webapp that implements the Java Content Repository (JCR) API.

The version of Apache Jackrabbit running on the remote host fails to sanitize user input to the 'q' parameter of the 'search.jsp' and 'swr.jsp' pages before including it in dynamic HTML output. An attacker can exploit these issues to inject arbitrary HTML and script code into a user's browser to be executed within the security context of the affected site.

Solution

Upgrade to Apache Jackrabbit 1.5.2 or later.

See Also

https://issues.apache.org/jira/browse/JCR-1925

http://www.nessus.org/u?8112eea3

https://www.securityfocus.com/archive/1/500196/30/0/threaded

Plugin Details

Severity: Medium

ID: 35452

File Name: apache_jackrabbit_q_xss.nasl

Version: 1.14

Type: remote

Published: 1/23/2009

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.8

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: cpe:/a:apache:jackrabbit

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Exploited by Nessus: true

Reference Information

CVE: CVE-2009-0026

BID: 33360

CWE: 79

SECUNIA: 33576