CGI Generic HTML Injections (quick test)

medium Nessus Plugin ID 49067

Synopsis

The remote web server may be prone to HTML injections.

Description

The remote web server hosts CGI scripts that fail to adequately sanitize request strings with malicious JavaScript. By leveraging this issue, an attacker may be able to cause arbitrary HTML to be executed in a user's browser within the security context of the affected site.

The remote web server may be vulnerable to IFRAME injections or cross-site scripting attacks :

- IFRAME injections allow 'virtual defacement' that might scare or anger gullible users. Such injections are sometimes implemented for 'phishing' attacks.

- XSS are extensively tested by four other scripts.

- Some applications (e.g. web forums) authorize a subset of HTML without any ill effect. In this case, ignore this warning.

Solution

Either restrict access to the vulnerable application or contact the vendor for an update.

See Also

http://www.nessus.org/u?602759bc

Plugin Details

Severity: Medium

ID: 49067

File Name: torture_cgi_inject_html.nasl

Version: 1.16

Type: remote

Published: 9/1/2010

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Information

Required KB Items: Settings/enable_web_app_tests

Reference Information

CWE: 80, 86