XSS vulnerability and broken code in LSWS Server Log Viewer
LSWS Standard Edition 4.0.14 has a potential XSS vulnerability within the Web Administration Console, specifically within the Server Log Viewer.
I think this needs to be fixed. Bad things can potentially happen.
The lack of sanitisation of the request data presented in the Server Log Viewer can also cause the page HTML of the Server Log Viewer to break or render improperly.
The images below illustrate these problems.
This is produced by the Server Log Viewer displaying the following request that generated a 404:
When you examine the HTML at the bottom of that page, this is the HTML that causes the page display to break, by introducing an unclosed script string:
Browser used was Opera 9 but both of these issues could occur in many other browsers. LSWS version used was 4.0.14 Std but the same problem may occur in other LSWS editions.
if you do view source, the <script> tag should already be encoded.
tested on firefox, chrome, opera 10, cannot reproduce this.
I can easily reproduce this on firefox 3.0.11 too.
I'll try and sent you a pm with an attached htm file that is a straight View Source > Save of a page with the offending code. To open the file, go File > Open in firefox and see what happens.
Probably other browsers will do the same. I haven't checked widely.
I think you need to re-check the HTML code parsing routine you are using to ensure that no active <script> tags remain in the code you display here.
|All times are GMT -7. The time now is 10:08 PM.|