CVE-2011-4273
published 2011-11-03CVE-2011-4273: Multiple cross-site scripting (XSS) vulnerabilities in GoAhead Webserver 2.18 allow remote attackers to inject arbitrary web script or HTML via (1) the group…
PriorityP423medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
4.77%
90.8th percentile
Multiple cross-site scripting (XSS) vulnerabilities in GoAhead Webserver 2.18 allow remote attackers to inject arbitrary web script or HTML via (1) the group parameter to goform/AddGroup, related to addgroup.asp; (2) the url parameter to goform/AddAccessLimit, related to addlimit.asp; or the (3) user (aka User ID) or (4) group parameter to goform/AddUser, related to adduser.asp.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| goahead | goahead_webserver | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-wqm3-xvpx-4868: Multiple cross-site scripting (XSS) vulnerabilities in GoAhead Webserver 2
ghsa_unreviewed·2022-05-17
CVE-2011-4273 [MEDIUM] CWE-79 GHSA-wqm3-xvpx-4868: Multiple cross-site scripting (XSS) vulnerabilities in GoAhead Webserver 2
Multiple cross-site scripting (XSS) vulnerabilities in GoAhead Webserver 2.18 allow remote attackers to inject arbitrary web script or HTML via (1) the group parameter to goform/AddGroup, related to addgroup.asp; (2) the url parameter to goform/AddAccessLimit, related to addlimit.asp; or the (3) user (aka User ID) or (4) group parameter to goform/AddUser, related to adduser.asp.
CISA ICS
Hitachi Energy MSM Product
cisa_ics·2022-08-30·CVSS 4.3
[MEDIUM] Hitachi Energy MSM Product
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Hitachi Energy MSM Product
Last RevisedAugust 30, 2022
Alert CodeICSA-22-242-03
## 1. EXECUTIVE SUMMARY
- CVSS v3 7.5
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Hitachi Energy
- Equipment: MSM Product
- Vulnerability: Reliance on Uncontrolled Component
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could disrupt the functionality of the MSM web interface, steal sensitive user credentials, or cause a denial-of-service condition.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
Hitachi Energy reports multiple open-source softwar
No detection rules found.
Exploit-DB
GoAhead Web Server 2.18 - 'adduser.asp' Multiple Cross-Site Scripting Vulnerabilities
exploitdb·2011-10-10
CVE-2011-4273 GoAhead Web Server 2.18 - 'adduser.asp' Multiple Cross-Site Scripting Vulnerabilities
GoAhead Web Server 2.18 - 'adduser.asp' Multiple Cross-Site Scripting Vulnerabilities
---
source: https://www.securityfocus.com/bid/50039/info
GoAhead WebServer is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input.
Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.
GoAhead WebServer 2.18 is vulnerable; other versions may also be affected.
POST /goform/AddUser HTTP/1.1
user=%3Cscript%3Ealert%281337%29%3C%2Fscript%3E&group=%3Cscript%3Ealert%281337%2
9%3C%2Fscript%3E&enabled=on&password=test&passconf=
Exploit-DB
GoAhead Web Server 2.18 - 'addlimit.asp?url' Cross-Site Scripting
exploitdb·2011-10-10
CVE-2011-4273 GoAhead Web Server 2.18 - 'addlimit.asp?url' Cross-Site Scripting
GoAhead Web Server 2.18 - 'addlimit.asp?url' Cross-Site Scripting
---
source: https://www.securityfocus.com/bid/50039/info
GoAhead WebServer is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input.
Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.
GoAhead WebServer 2.18 is vulnerable; other versions may also be affected.
POST /goform/AddAccessLimit HTTP/1.1
url=alert(1337)&group=test&method=3&ok=OK
Exploit-DB
GoAhead Web Server 2.18 - 'addgroup.asp?group' Cross-Site Scripting
exploitdb·2011-10-10
CVE-2011-4273 GoAhead Web Server 2.18 - 'addgroup.asp?group' Cross-Site Scripting
GoAhead Web Server 2.18 - 'addgroup.asp?group' Cross-Site Scripting
---
source: https://www.securityfocus.com/bid/50039/info
GoAhead WebServer is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input.
Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.
GoAhead WebServer 2.18 is vulnerable; other versions may also be affected.
POST /goform/AddGroup HTTP/1.1
group=alert(1337)&privilege=4&method=1&enabled=on&ok=OK
2011-11-03
Published