=====================================================================
                             CERT-Renater

                  Information Note No. 2013/VULN421
_____________________________________________________________________

DATE                : 23/09/2013

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S) : Systems running KnowledgeView Editorial and
                      Management application.

======================================================================
http://www.kb.cert.org/vuls/id/521348
______________________________________________________________________

Vulnerability Note VU#521348

KnowledgeView Editorial and Management application cross-site scripting vulnerability

Original Release date: 23 Sep 2013 | Last revised: 23 Sep 2013

Overview

KnowledgeView Editorial and Management application contains a reflected cross-site scripting (XSS) vulnerability (CWE-79).

Description

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

KnowledgeView Editorial and Management application contains a reflected cross-site scripting vulnerability that can allow an attacker to inject arbitrary HTML content (including script) via the vulnerable query string parameter username.

Impact

A remote unauthenticated attacker can conduct a cross-site scripting attack, which may result in information leakage, privilege escalation, and/or denial of service.

Solution

We are currently unaware of a practical solution to this problem. Please consider the following workaround.

Restrict access

As a general good security practice, only allow connections from trusted hosts and networks. Note that restricting access does not prevent XSS attacks since the attack comes as an HTTP request from a legitimate user's host. Restricting access would prevent an attacker from accessing the web interface using stolen credentials from a blocked network location.
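
With no fix available, requests that carry markup in the username query string parameter can at least be looked for in web server access logs. The following is an added example, not part of the advisory or of the vendor's software; the combined log format, the /app/login path and the sample log lines are constructed assumptions.

```python
import re
from urllib.parse import parse_qsl, unquote_plus

# Request line of a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Markup or script indicators that have no place in a user name.
SUSPICIOUS_RE = re.compile(r'[<>"\']|javascript:|\bon\w+\s*=', re.IGNORECASE)

def decode_fully(value, max_rounds=3):
    """Undo repeated URL encoding (for example %253C -> %3C -> <)."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_username_requests(log_lines, param="username"):
    """Return (line_number, decoded_value) for every request whose `param`
    query value contains HTML/script metacharacters after decoding."""
    hits = []
    for number, line in enumerate(log_lines, start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        # Everything after the first '?' is the query string.
        query = match.group(1).partition("?")[2]
        for key, value in parse_qsl(query, keep_blank_values=True):
            if key.lower() != param:
                continue
            decoded = decode_fully(value)  # parse_qsl already decoded once
            if SUSPICIOUS_RE.search(decoded):
                hits.append((number, decoded))
    return hits

# Constructed sample log lines (documentation IP ranges, hypothetical path).
SAMPLE_LOG = [
    '203.0.113.7 - - [23/Sep/2013:10:01:02 +0000] "GET /app/login?username=alice HTTP/1.1" 200 512',
    '203.0.113.9 - - [23/Sep/2013:10:02:10 +0000] "GET /app/login?username=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 640',
    '203.0.113.9 - - [23/Sep/2013:10:02:30 +0000] "GET /app/login?username=%253Cb%253Ex HTTP/1.1" 200 600',
    '198.51.100.4 - - [23/Sep/2013:10:03:00 +0000] "GET /app/help?topic=%3Cb%3E HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for number, value in suspicious_username_requests(SAMPLE_LOG):
        print(f"line {number}: suspicious username value {value!r}")
```

A hit shows an attempt, not a successful injection, and values submitted in a POST body do not appear in access logs.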

Vendor Information

Vendor         Status    Date Notified  Date Updated
Knowledgeview  Affected  21 Aug 2013    11 Sep 2013

CVSS Metrics

Group          Score  Vector
Base           5.0    AV:N/AC:L/Au:N/C:N/I:P/A:N
Temporal       4.0    E:POC/RL:U/RC:UC
Environmental  3.0    CDP:ND/TD:M/CR:ND/IR:ND/AR:ND

References

http://cwe.mitre.org/data/definitions/79.html
http://www.knowledgeview.co.uk/index.php

Credit

Thanks to Ali Hussein of Help AG Middle East for reporting this vulnerability.

This document was written by Adam Rauf.

Other Information

CVE IDs: CVE-2013-3616
Date Public: 23 Sep 2013
Date First Published: 23 Sep 2013
Date Last Updated: 23 Sep 2013
Document Revision: 10

======================================================================

=========================================================
CERT-Renater reference server
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER        | tel  : 01-53-94-20-44            +
+ 23 - 25 Rue Daviel  | fax  : 01-53-94-20-41            +
+ 75013 Paris         | email: cert@support.renater.fr   +
==========================================================