By kannthu
The "Netsweeper 4.0.9 - Cross-Site Scripting" module is designed to detect a cross-site scripting vulnerability in Netsweeper 4.0.9. Netsweeper is software used for web content filtering and security. This vulnerability allows an attacker to execute arbitrary scripts in the browser of an unsuspecting user. The severity of this vulnerability is classified as high, with a CVSS score of 7.2.
This module was authored by daffainfo.
If successfully exploited, this cross-site scripting vulnerability in Netsweeper 4.0.9 can lead to various security risks. An attacker can inject malicious scripts into web pages viewed by users, potentially compromising their sensitive information, performing unauthorized actions, or spreading malware.
The "Netsweeper 4.0.9 - Cross-Site Scripting" module works by sending a specific HTTP request to the target server and then analyzing the response. The module checks for the presence of certain patterns in the response body, headers, and the HTTP status code to determine if the vulnerability exists.
Here is an example of an HTTP request used by the module:
GET /webadmin/reporter/view_server_log.php?server=localhost&act=stats&filename=&offset=1&count=1000&sortorder=&log=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&offset=&sortitem=&filter= HTTP/1.1
The module then applies the following matching conditions:
- The response body must contain the string "</script><script>alert(document.domain)</script>"
- The response headers must include the string "text/html"
- The HTTP status code must be 200
If all the matching conditions are met, the module reports the presence of the cross-site scripting vulnerability in Netsweeper 4.0.9.
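The three matching conditions above, evaluated offline against constructed responses to show which ones produce a finding and which do not. This is an added example, not the module's own code; the function names and the sample responses are assumptions made for illustration.

```python
import html

# String the body matcher looks for (the decoded value of the `log` parameter).
MARKER = "</script><script>alert(document.domain)</script>"


def evaluate_matchers(status, headers, body):
    """Return each of the three listed conditions as a named boolean."""
    raw_headers = "\n".join(f"{k}: {v}" for k, v in headers.items())
    return {
        "body": MARKER in body,                 # value reflected without encoding
        "header": "text/html" in raw_headers,   # response is served as HTML
        "status": status == 200,                # page rendered normally
    }


def is_reported(status, headers, body):
    """A finding is reported only when all three conditions hold."""
    return all(evaluate_matchers(status, headers, body).values())


# Constructed responses (not captured from a real Netsweeper host).
HTML = {"Content-Type": "text/html; charset=UTF-8"}
JSON = {"Content-Type": "application/json"}
SAMPLES = {
    "reflected unencoded": (200, HTML, f"<script>var log='{MARKER}';</script>"),
    # Output encoding turns < and > into entities, so the body matcher fails.
    "reflected HTML-encoded": (200, HTML, f"<td>{html.escape(MARKER)}</td>"),
    # Same bytes in the body, but a browser would not render this as HTML.
    "reflected as JSON": (200, JSON, '{"log": "' + MARKER + '"}'),
    # Echo on an error page: the status condition filters it out.
    "error page echo": (404, HTML, f"<p>Not found: {MARKER}</p>"),
}


def classify_samples():
    """Map each constructed sample to whether the module would report it."""
    return {name: is_reported(*resp) for name, resp in SAMPLES.items()}


if __name__ == "__main__":
    for name, resp in SAMPLES.items():
        print(f"{name:24} reported={is_reported(*resp)} {evaluate_matchers(*resp)}")
```

The HTML-encoded sample is what a fixed page would return: the parameter is still echoed, but as entities, so the exact-string body condition no longer holds.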