Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

WebSVN 2.3.3 Cross Site Scripting

Related Vulnerabilities: CVE-2016-2511  
Publish Date: 22 Feb 2016
Author: Jakub Palaczynski
Source 
                							

                Title: WebSVN - Reflected Cross-Site Scripting
Author: Jakub Palaczynski
Date: 22. February 2016
CVE: CVE-2016-2511

Affected software:
==================

WebSVN 2.3.3
Older versions are probably also vulnerable.

Description:
============

WebSVN offers a view onto your subversion repositories that's been designed
to reflect the Subversion methodology. You can view the log of any file or
directory and see a list of all the files changed, added or deleted in any
given revision. You can also view the differences between two versions of a
file so as to see exactly what was changed in a particular revision.[1]


Vulnerability:
**************

Reflected Cross-Site Scripting:
===============================

Proof of Concept:
http://host/websvn/log.php?path=%00"><script>alert(document.domain)</script>

Fix:
It is adviced to change following line in include/setup.php file:
$path = !empty($_REQUEST['path']) ? $_REQUEST['path'] : null;
to:
$path = !empty($_REQUEST['path']) ? escape($_REQUEST['path']) : null;

"escape" function that is used to patch vulnerability was written by the
author and can be found in include/command.php file.

Reference:
==========

[1] Why WebSVN?:
http://www.websvn.info/

Contact:
========

Jakub[dot]Palaczynski[at]ingservicespolska[dot]pl


<p>

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started