Alcatel-Lucent OmniSwitch 6250 Switch sys_filesystem_info_si.html Multiple Parameter Stored XSS

The Alcatel-Lucent OmniSwitch 6250 Switch has a stored cross-site scripting (XSS) vulnerability in the /sys/content/sys_filesystem_info_si.html page (CVE-2016-78002). An authenticated user with permission to update the fields can inject arbitrary JavaScript into three fields; the injected script is stored and then rendered on /phys/content/phys_chs_info_stable.html whenever that page is viewed. The three fields, all updated by a POST request, are Contact (EmWeb_ns:mip:208.T1:O1 parameter), Name (EmWeb_ns:mip:209.T1:O2 parameter), and Location (EmWeb_ns:mip:210.T1:O3 parameter).
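
A defender-side check for the three parameters named above, added here as an example and not taken from the advisory or from vendor code: it audits a logged or proxied POST body for HTML metacharacters in the Contact, Name and Location fields and shows the HTML-encoded form a display page should emit. It assumes the form is submitted as application/x-www-form-urlencoded; the function name and the sample bodies are constructed for illustration.

```python
import html
from urllib.parse import parse_qsl

# Field labels and POST parameter names as listed in the advisory.
FIELDS = {
    "EmWeb_ns:mip:208.T1:O1": "Contact",
    "EmWeb_ns:mip:209.T1:O2": "Name",
    "EmWeb_ns:mip:210.T1:O3": "Location",
}
# Characters that change meaning in an HTML text or attribute context.
# A hit is a review signal: a value such as "R&D lab" would also be flagged.
HTML_META = set("<>\"'&")


def audit_post_body(body):
    """Return one finding per advisory field whose value carries HTML metacharacters.

    Assumption: body is an application/x-www-form-urlencoded string taken
    from a proxy log or packet capture of the switch's management interface.
    """
    findings = []
    # parse_qsl percent-decodes names and values and keeps repeated parameters,
    # so a second copy of the same field is checked as well.
    for name, value in parse_qsl(body, keep_blank_values=True):
        if name not in FIELDS:
            continue
        bad = sorted(HTML_META.intersection(value))
        if bad:
            findings.append({
                "field": FIELDS[name],
                "chars": "".join(bad),
                # Output-encoded form that renders as text instead of markup.
                "encoded": html.escape(value, quote=True),
            })
    return findings


# Constructed sample bodies (not captured traffic, not the advisory's payload).
BENIGN = ("EmWeb_ns%3Amip%3A208.T1%3AO1=noc%40example.com"
          "&EmWeb_ns%3Amip%3A209.T1%3AO2=core-sw-01"
          "&EmWeb_ns%3Amip%3A210.T1%3AO3=Rack+12")
SUSPECT = ("EmWeb_ns%3Amip%3A209.T1%3AO2=%3Cscript%3Ealert(1)%3C%2Fscript%3E"
           "&EmWeb_ns%3Amip%3A210.T1%3AO3=Rack+12")

if __name__ == "__main__":
    for label, body in (("benign", BENIGN), ("suspect", SUSPECT)):
        print(label, audit_post_body(body))
```
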

The payload looks like:


