Charles River Admin Panel Reflected Cross Site Scripting

About Charles River:

Charles River provides an executable for high profile people which helps them to make decision about investment. It has some automated algorithm which performs the calculation and analysis and help the user to take investment decision.
This executable has an admin panel which is accessible through web browser.

Vulnerability:
The admin website of Charles River is vulnerable to post authentication cross site scripting vulnerability.
The file configPopup.do has parameter "n" which is vulnerable to reflected cross site scripting.

Exploit URL:

domain.com:8081/crts/admin/failover/configPopup.do?n=beanEventPublisher%3cscript%3ealert(1)%3c%2fscript%3e



Solution:
Not yet rolled out

Disclosure Timeline:
August 2018: Informed to Charles River - No reply
December 2018:Reminder mail sent through Contact Us - No reply
January 1 2019: Full disclosure.




Comments

Popular posts from this blog

Minishare 1.4.1 Bufferoverflow

MY OSCP REVIEW

Apache AXIS server pentest