Saturday 8 February 2014

XSS (Cross Site Scripting) Vulnerability Found in Dell.com

According to OWASP, Cross-Site Scripting (XSS) attacks are a type of injection problem, in which malicious scripts are injected into the otherwise benign and trusted web sites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user in the output it generates without validating or encoding it. An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execute the script. Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other sensitive information retained by your browser and used with that site. These scripts can even rewrite the content of the HTML page.

From: https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)

On May 28th 2013, an XSS vulnerability on the Dell.com website was found and posted at pastebin.com.

(screenshot of the XSS on Dell)

That XSS vulnerability has since been fixed and can no longer be reproduced. However, on Jan 20th 2014, a security analyst by the name of Jordan Jones found the same issue on a different page of the same website and posted a screenshot of the POC on Twitter.

(the twitter post by Jordan Jones)

(the executed vulnerability)

He was kind enough to inform the Dell Security team about the vulnerability via Twitter, and Dell replied by telling him whom to contact.

(Jordan Jones interaction with Dell Security)

At the same time, he also posted more information about the vulnerability on pastebin.com.

(more information about the vulnerability)

Besides the window alert that Jordan Jones screen-grabbed, other script injections can be tested on the same parameter. Below is another way to exploit the vulnerability: injecting an image into the parameter, which leads to this:

(image injection to the vulnerable parameter)

To date, Dell has yet to fix this vulnerability. XSS is a serious vulnerability that is rated as High or Critical by most vulnerability scanners, including Qualys and Acunetix, and a well-known company like Dell should fix this vulnerability as soon as possible.
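The OWASP description quoted at the top names the root cause (user input used in output without validating or encoding it), and the alert and image injections described above are two results of that one flaw. The following is an added example, not code from Dell or from the original post: it renders a reflected parameter with and without HTML output encoding. The parameter, the page template and the sample inputs are hypothetical, since the post does not give the real ones.

```javascript
// Added example: a reflected value rendered with and without HTML output
// encoding. Template and inputs are hypothetical, not taken from Dell.com.

// Encode the five characters that can change the HTML parsing context.
function encodeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// "Before": user input is concatenated into the response unchanged.
function renderUnsafe(query) {
  return `<p>Results for: ${query}</p>`;
}

// "After": same template, value encoded for HTML element content.
function renderSafe(query) {
  return `<p>Results for: ${encodeHtml(query)}</p>`;
}

// Rough check: list the start tags found in a response other than the
// template's own <p>. Anything returned here came from the input.
function injectedTags(html) {
  const tags = html.match(/<[a-zA-Z][a-zA-Z0-9]*/g) || [];
  return tags.map((t) => t.slice(1).toLowerCase()).filter((t) => t !== 'p');
}

// Constructed sample inputs: a normal search term, a script element and an
// image element (the two kinds of injection the post describes).
const samples = [
  'laptop',
  '<script>alert(1)</script>',
  '<img src="https://example.invalid/x.png">',
];

// Compare both renderings for every sample.
function report() {
  return samples.map((input) => ({
    input,
    unsafeTags: injectedTags(renderUnsafe(input)),
    safeTags: injectedTags(renderSafe(input)),
  }));
}

console.log(report());
```

Encoding for element content is only correct for that context; a value placed inside an attribute, a URL or a script block needs the encoder for that context instead.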


