PT-2003-1595 · Vignette · Vignette V/6+2

Ramon Pinuaga Cascales

Published

2003-06-11

Updated

2016-10-18

CVE-2003-0404

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions: Vignette StoryServer versions 4 and 5 Vignette V/5 and V/6

Description: The issue allows remote attackers to insert arbitrary HTML and script via text variables. This can be demonstrated using the errInfo parameter of the default login template, such as "/api/v1/login" or similar endpoints. The vulnerability enables attackers to execute malicious scripts on the client-side.

Recommendations: For Vignette StoryServer versions 4 and 5, and Vignette V/5 and V/6, consider restricting access to the errInfo parameter in the default login template as a temporary workaround until a patch is available. Avoid using the errInfo parameter in affected API endpoints until the issue is resolved.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2003-0404

Affected Products

Vignette Storyserver

Vignette V/5

Vignette V/6

PT-2003-1595 · Vignette · Vignette V/6+2

CVE-2003-0404

Related Identifiers

Affected Products

References · 6