CVE-2018-11124 – Open-AudIT Community 2.1.1 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-11124
Cross-site scripting (XSS) vulnerability in the Attributes functionality in Open-AudIT Community edition before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted attribute name of an Attribute. Open-AudIT Community version 2.1.1 suffers from a cross site scripting vulnerability. • https://www.exploit-db.com/exploits/45053 https://docs.google.com/document/d/1dJP1CQupHGXjsMWthgPGepOkcnxYA4mDfdjOE46nrhM/edit?usp=sharing • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2018-10314 – Open-AudIT Community 2.2.0 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-10314
Cross-site scripting (XSS) vulnerability in Open-AudIT Community 2.2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted name of a component, as demonstrated by the action parameter in the Discover -> Audit Scripts -> List Scripts -> Download section. Open-AudIT Community version 2.2.0 suffers from multiple cross site scripting vulnerabilities. • https://www.exploit-db.com/exploits/44613 https://docs.google.com/document/d/1lUHMAOnbQUfh_yBGdBB1x9n0QdVGeP9Tggu9auqpXNo/edit?usp=sharing • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2018-9137 – Open-AudIT 2.1 - CSV Macro Injection
https://notcve.org/view.php?id=CVE-2018-9137
Open-AudIT before 2.2 has CSV Injection. Open-AudIT version 2.1 suffers from a CSV macro injection vulnerability. • https://www.exploit-db.com/exploits/44511 https://community.opmantek.com/display/OA/Errata+-+2.1+Security+Update%2C+April+2018 • CWE-1236: Improper Neutralization of Formula Elements in a CSV File
CVE-2018-9155 – Open-AudIT Professional - 2.1.1 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-9155
Cross-site scripting (XSS) vulnerability in Open-AudIT Professional 2.1.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name of a component, as demonstrated by the Admin->Logs section (with a logs?logs.type= URI) and the Manage->Attributes section (via the "Name (display)" field to the attributes/create URI). • https://www.exploit-db.com/exploits/44612 https://docs.google.com/document/d/1ZG1qiwpECbVnv92yNckDn7yyuluKoC2_ON-eLhAY97Q/edit?usp=sharing • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2018-8937
https://notcve.org/view.php?id=CVE-2018-8937
An issue was discovered in Open-AudIT Professional 2.1. It is possible to inject a malicious payload in the redirect_url parameter to the /login URI to trigger an open redirect. A "data:text/html;base64," payload can be used with JavaScript code. • https://nileshsapariya.blogspot.ae/2018/03/open-redirect-to-reflected-xss-open.html • CWE-601: URL Redirection to Untrusted Site ('Open Redirect')