
Universal Media Server v13.2.1 - Cross Site Scripting

By kannthu

Medium
Vidoc Module
#xss #universal #media #unauth #packetstorm
Description

What is "Universal Media Server v13.2.1 - Cross Site Scripting"?

The "Universal Media Server v13.2.1 - Cross Site Scripting" module is designed to detect a reflected cross-site scripting (XSS) vulnerability in Universal Media Server v13.2.1 CMS v2.0. This vulnerability allows an attacker to inject malicious scripts into web pages viewed by users, potentially leading to unauthorized access or data theft. The severity of this vulnerability is classified as medium.

This module was authored by r3Y3r53.

Impact

If successfully exploited, this vulnerability could allow an attacker to execute arbitrary script code in a user's browser, within the context of the affected web application. This can lead to consequences including the theft of sensitive information, session hijacking, or the spread of malware to other users.

How does the module work?

The module sends an HTTP GET request to the Universal Media Server v13.2.1 CMS v2.0 with a specific payload. It then checks the response for specific conditions to determine if the vulnerability is present.

Example HTTP request:

GET /%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1
Host: [target_host]

The module uses the following matching conditions:

- The response body must contain the following words: "<script>alert(document.domain)</script>" and "404 - File Not Found".
- The response header must contain the word "text/html".
- The HTTP status code must be 200.

If all the matching conditions are met, the module reports the vulnerability.
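The three matching conditions above can be evaluated offline against constructed responses. The following is an added example, not Vidoc's module code: `module_matches`, `render_not_found` and `evaluate_samples` are hypothetical names, and the error page is a constructed stand-in, not Universal Media Server's own handler.

```python
import html
from urllib.parse import unquote

# Request path taken from the module's example request on this page.
PROBE_PATH = "/%3Cscript%3Ealert(document.domain)%3C/script%3E"
BODY_WORDS = ("<script>alert(document.domain)</script>", "404 - File Not Found")
HEADER_WORD = "text/html"
EXPECTED_STATUS = 200


def module_matches(status, headers, body):
    """Return True only when all three matching conditions hold (logical AND)."""
    header_blob = "\r\n".join(f"{k}: {v}" for k, v in headers.items())
    return (
        status == EXPECTED_STATUS
        and HEADER_WORD in header_blob
        and all(word in body for word in BODY_WORDS)
    )


def render_not_found(raw_path, escape):
    """Constructed stand-in for an error page that echoes the requested path."""
    path = unquote(raw_path)
    shown = html.escape(path) if escape else path
    body = f"<html><body><h1>404 - File Not Found</h1><p>{shown}</p></body></html>"
    return 200, {"Content-Type": "text/html; charset=utf-8"}, body


def evaluate_samples():
    """Run the matcher over constructed responses; returns {label: matched}."""
    reflecting = render_not_found(PROBE_PATH, escape=False)
    escaping = render_not_found(PROBE_PATH, escape=True)
    status, headers, body = reflecting
    samples = {
        "reflects path unescaped": reflecting,
        "escapes path": escaping,
        "unescaped but text/plain": (status, {"Content-Type": "text/plain"}, body),
        "unescaped but status 404": (404, headers, body),
    }
    return {label: module_matches(*resp) for label, resp in samples.items()}


if __name__ == "__main__":
    for label, matched in evaluate_samples().items():
        print(f"{label:28} -> {'report' if matched else 'no match'}")
```

Only the first sample is reported. HTML-escaping the echoed path removes the literal `<script>` string from the body, so a server that encodes its error output does not match.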

Reference:

- Universal Media Server 13.2.1 Cross-Site Scripting

Remediation:

Fixed in version 13.2

Module preview

Concurrent Requests (1)

1. HTTP Request template
GET /%3Cscript%3Ealert(d...

Matching conditions:

- word: <script>alert(document.domain)</script>,... and
- word: text/html and
- status: 200

Passive global matcher: No matching conditions.

On match action: Report vulnerability