exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Parallels Plesk Panel 9.5 Cross Site Scripting

Parallels Plesk Panel 9.5 Cross Site Scripting
Posted Nov 6, 2019
Authored by Rafay Baloch, Muhammad Samak

Parallels Plesk Panel version 9.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-18793
SHA-256 | f479f494df9b2a23a64dc1f5f4af1968885c089c5bc642df0528b82a09b48557

Parallels Plesk Panel 9.5 Cross Site Scripting

Change Mirror Download
#Exploit Title: Parallels Plesk Panel 9.5 Reflected XSS

#Release Date: 06/11/2019

#Company: Cyber Citadel

#CVE-ID: 2019-18793

#Website: www.cybercitadel.com

#Vendor: www.plesk.com

#Versions 9.5



*Description*



A Cross Site Scripting vulnerability occurs when an attacker can inject
JavaScript in context of the web application. The vulnerability occurs when
user input is not sanitized before it’s returned back to the user. Because
JavaScript is able to access your DOM (Document Object Model) an attacker
can craft a JavaScript payload which can be used to steal the victim’s
session cookies and send it to a domain that they control thereby hijacking
the session.



The vulnerability exists in "*fileName*" parameter reflected in application
response were later being reflected in different parts of application
response.



*Credits *



Discovered by: Rafay Baloch and Muhammad Samak



*POC*



https://target/locales/tr-TR/help/index.htm?fileName=javascript:alert(document.domain)



*Solution*

Any user-generated input should be HTML-encoded, at any point, where it is
copied into application responses.

All HTML meta characters should be replaced with the corresponding HTML
entities. The following meta characters shall be filtered out before they
are displayed back to the user.

[1] | (pipe sign)

[2] & (ampersand sign)

[3] ; (semicolon sign)

[4] $ (dollar sign)

[5] % (percent sign)

[6] @ (at sign)

[7] ʹ (single apostrophe)

[8] ʺ (quotation mark)

[9] \ʹ (backslash‐escaped apostrophe)

[10] \ʺ (backslash‐escaped quotation mark)

[11] <> (triangular parenthesis)

[12] () (parenthesis)

[13] + (plus sign)

[14] CR (Carriage return, ASCII 0x0d)

[15] LF (Line feed, ASCII 0x0a)

[16] , (comma sign)

[17] \ (backslash)

*Recommendation*



Upgrade to the latest version of Parallel Plesk.
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close