Apache Solr < 4.10.5 'plugin.js' XSS

medium Nessus Plugin ID 82028

Synopsis

The remote web server contains a Java application that is affected by a persistent cross-site scripting (XSS) vulnerability.

Description

The version of Apache Solr running on the remote web server is affected by a persistent cross-site scripting vulnerability due to a failure to sanitize query histories before returning them to the user of the Solr administration panel. A remote, unauthenticated attacker can exploit this issue to execute arbitrary JavaScript within the context of a victim's browser, allowing the attacker to steal session information, log key strokes, and perform other malicious attacks.

Solution

Upgrade to Apache Solr version 4.10.5 or later.

See Also

https://seclists.org/oss-sec/2015/q1/850

https://issues.apache.org/jira/browse/SOLR-6738

Plugin Details

Severity: Medium

ID: 82028

File Name: solr_4_10_5.nasl

Version: 1.6

Type: remote

Family: CGI abuses

Published: 3/24/2015

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.0

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS Score Source: CVE-2014-3628

Vulnerability Information

CPE: cpe:/a:apache:solr

Required KB Items: installed_sw/Apache Solr

Exploit Ease: No exploit is required

Patch Publication Date: 3/15/2015

Vulnerability Publication Date: 3/15/2015

Reference Information

CVE: CVE-2014-3628

BID: 73129