CGI Generic On Site Request Forgery (OSRF)

Medium Nessus Plugin ID 47832


The remote web server may be prone to On Site Request Forgery attacks.


The remote web server hosts CGI scripts that fail to adequately sanitize request strings with special characters like dots, slashes, backslashes, equal signs, question marks, etc.

By leveraging this issue, an attacker may be able to cause arbitrary GET requests to be executed by a user when he visits the vulnerable pages.

On Site Request Forgery (OSRF) is a variant of the wider Cross-Site Request Forgery (CSRF) attack class.

** The web application will not be affected by this weakness if the
** sensitive operations are all performed through POST or if some common
** defenses against Cross-Site Request Forgery are implemented.
** Even if this weakness cannot be exploited in the current state of the
** web application, allowing users to inject arbitrary characters in
** pages is definitely dangerous.


Restrict access to the vulnerable application. Contact the vendor for a patch or upgrade.

See Also

Plugin Details

Severity: Medium

ID: 47832

File Name: torture_cgi_on_site_request_forgery.nasl

Version: 1.19

Type: remote

Family: CGI abuses

Published: 2010/07/26

Updated: 2018/11/15

Dependencies: 39471, 10107, 47830, 67257, 56243

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Information

Required KB Items: Settings/enable_web_app_tests

Reference Information

CWE: 345, 346, 352, 928, 936