Vulnerable software: Applicure dotDefender (all versions)
Vendor's site: Download dotDefender 5.00 & 5.13
Vulnerabilities: Persistent XSS, log forging, potential DoS
Discovered: 15 March 2015
Discovered by: AkaStep

Under some circumstances it is possible to attack dotDefender's admin interface and, as a result, conduct phishing, log forging or a potential denial of service against the "Log Viewer" functionality.

The root cause of the vulnerability: dotDefender's developers trust the X-Forwarded-For HTTP header, whose value is controllable from the client side, and there is no validation or sanitization of that header or its value before it is stored and displayed.

This vulnerability was successfully tested against the following configurations (in lab and production environments):

1) Apache Traffic Server ===> Apache 2.4
2) Apache 2.4 with mod_proxy

Tested versions (other versions may also be affected):

• dotDefender Version: 5.12-13217
• Web Server Type: Apache
• Server Operating System: Linux
• Web Server Version: Unknown

• dotDefender Version: 5.13-13282
• Web Server Type: Apache
• Server Operating System: Linux
• Web Server Version: Unknown

Read more: http://packetstorm.wowhacker.com/1503-exploits/DotDefender-XSS.pdf
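The advisory's root cause is a client-controlled header that is logged and rendered without validation. The following is an added example of the defensive handling a log-viewing component should apply, written for this note; it is not dotDefender's code and not part of the original advisory. All function names, the entry and length caps, and the sample header values are assumptions constructed for illustration. It treats the socket peer address as the authoritative client, accepts only syntactically valid IP addresses from X-Forwarded-For, neutralises CR/LF and other control characters so a header cannot inject fake log lines, and HTML-escapes anything shown in a web-based log viewer.

```python
import html
import ipaddress

MAX_XFF_ENTRIES = 10   # assumed cap on proxy hops worth recording
MAX_XFF_LENGTH = 512   # assumed cap on raw header length before parsing


def parse_x_forwarded_for(header_value):
    """Split an X-Forwarded-For value into (valid_ips, rejected_entries).

    Only entries that parse as IPv4/IPv6 addresses are accepted; everything
    else (markup, text, oversized input) is reported as rejected so the
    caller can log a count instead of trusting the raw string.
    """
    if header_value is None:
        return [], []
    if len(header_value) > MAX_XFF_LENGTH:
        # Oversized header: refuse to parse, keep only a truncated sample.
        return [], [header_value[:MAX_XFF_LENGTH]]
    valid, rejected = [], []
    for raw in header_value.split(","):
        candidate = raw.strip()
        if not candidate:
            continue
        try:
            valid.append(str(ipaddress.ip_address(candidate)))
        except ValueError:
            rejected.append(candidate)
        if len(valid) + len(rejected) >= MAX_XFF_ENTRIES:
            break
    return valid, rejected


def sanitize_for_log(text, limit=128):
    """Make untrusted text safe for a line-oriented log.

    CR, LF and other control characters are replaced with \\xNN escapes so a
    single header value can never start a new (forged) log line; the value
    is also truncated to bound log growth.
    """
    out = []
    for ch in text[:limit]:
        code = ord(ch)
        if code < 0x20 or code == 0x7F:
            out.append("\\x%02x" % code)
        else:
            out.append(ch)
    return "".join(out)


def log_record(remote_addr, xff_header):
    """Build one single-line log record.

    remote_addr is the TCP peer (or the address supplied by a trusted
    reverse proxy) and is always recorded; X-Forwarded-For is recorded only
    after validation, with rejected entries summarised as a sanitized sample.
    """
    ips, rejected = parse_x_forwarded_for(xff_header)
    parts = ["client=%s" % remote_addr]
    if ips:
        parts.append("forwarded_for=%s" % ",".join(ips))
    if rejected:
        parts.append("xff_rejected=%d" % len(rejected))
        parts.append('xff_raw="%s"' % sanitize_for_log(xff_header))
    return " ".join(parts)


def render_log_cell(value):
    """HTML-escape a log field before it is placed into a viewer page.

    Escaping at output time is what prevents a stored header value from
    executing as script in an administrator's browser.
    """
    return html.escape(value, quote=True)


if __name__ == "__main__":
    # Constructed sample headers (documentation address ranges, not real hosts).
    for hdr in ("203.0.113.7, 198.51.100.2", "203.0.113.7, <tag>", "1.2.3.4\r\nfake entry"):
        rec = log_record("192.0.2.1", hdr)
        print(rec)
        print(render_log_cell(rec))
```

The design separates three concerns that the advisory shows being conflated: which address is trusted (the peer, never a header), what reaches the log file (validated or control-character-escaped text only), and what reaches the browser (escaped at render time regardless of what was stored).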