Ibm sterling b2b integrator 5.2.0.1/5.2.6.3 crosssite scripting Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2018-08-13 |
Type : webapps |
Platform : multiple
This exploit / vulnerability Ibm sterling b2b integrator 5.2.0.1/5.2.6.3 crosssite scripting is for educational purposes only and if it is used you will do on your own risk!
Vulnerability Details
Vulnerability Name : Persistent Cross Site Scripting
Affected Parameter(s) : fname & lname
Steps to reproduce
Step 1 : Login to the IBM Sterling B2B Integrator.
Step 2 : Navigate to Performance Tuning module, Username will be displayed as below :-
Last Edited By <USERNAME>
Note :- Modify the configuration for example and check the Last Edited By - Username. Any user (Admin or Non admin) who have privileges to change the configuration can act like an attacker.
Step 3 : Navigate to My Account and update first name and last name.
Step 4: Intercept the request using burp suite and insert the <Video><source onerror=”alert(1)”> payload & <Video><source onerror=”alert(2)”> payload in fname and lname parameter.
Step 5 : It has been observed that My account module is not vulnerable to XSS but Performance Tuning tab under Operations -> Performance is vulnerable, as the Performance Tuning tab displays the user’s first name and last name separately as “Last Edited By USERNAME”.
Step 6 : Now navigate to Performance Tuning module. It is seen that the application is vulnerable to Persistent Cross Site Scripting.
Note : It has been observed that any user who has access to Performance Tuning tab will be vulnerable and the same javascript payload will execute for them as well.
Ibm sterling b2b integrator 5.2.0.1/5.2.6.3 crosssite scripting