| Title | Yonyou UFIDA ERP-NC V5.0 Cross Site Scripting |
|---|
| Description | Summary
A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in Yonyou UFIDA ERP-NC V5.0. This vulnerability allows an attacker to inject malicious JavaScript code into the application, which is then executed in the context of the victim's browser. The vulnerability is present in the menu.jsp page, where user-supplied input is not properly sanitized before being included in the HTML output.
Details
The vulnerability exists in the menu.jsp page of the Yonyou UFIDA ERP-NC V5.0 application. The flag parameter, which is passed via the URL, is directly included in the HTML output without proper sanitization. This allows an attacker to inject arbitrary JavaScript code, which is then executed in the context of the victim's browser.
···
<%String PageId = request.getParameter("flag");%>
···
<%if (PageId!=null){%>
<SCRIPT language=JavaScript>opentree('<%=PageId%>','<%=topNodes%>');</SCRIPT>
<%}%>
···
In the above code snippet, the PageId parameter is directly embedded into a JavaScript function call without any sanitization. This allows an attacker to inject malicious JavaScript code by manipulating the flag parameter in the URL.
POC
http(s)://target-ip/menu.jsp?flag=%3C/script%3E%3Cscript%3Ealert(1)%3C/script%3E
|
|---|
| Source | ⚠️ https://github.com/Hebing123/cve/issues/85 |
|---|
| User | jiashenghe (UID 39445) |
|---|
| Submission | 03/10/2025 06:34 (1 Year ago) |
|---|
| Moderation | 03/24/2025 12:29 (14 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 300731 [Yonyou UFIDA ERP-NC 5.0 /menu.jsp flag cross site scripting] |
|---|
| Points | 20 |
|---|