Unrated severity · NVD Advisory · Published Nov 23, 2004 · Updated Apr 16, 2026

CVE-2004-0305

Description

Cross-site scripting in WebCortex WebStores 2000 error.asp allows attackers to execute arbitrary script and steal session IDs via Message_id parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

A cross-site scripting (XSS) vulnerability exists in the error.asp script of WebCortex WebStores 2000 version 6.0. The Message_id parameter is not properly sanitized, allowing injection of arbitrary JavaScript code. The vulnerability is triggered when a user visits a crafted URL that includes malicious script in the Message_id parameter.

Exploitation

An attacker can exploit this vulnerability remotely without authentication. By crafting a URL with malicious JavaScript in the Message_id parameter and tricking a user into clicking it (e.g., via email or a link on another site), the attacker can execute arbitrary script in the context of the victim's browser session. This can be used to steal session cookies and gain unauthorized access to the user's account.
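Requests of the kind described above leave a trace in web-server logs. The following is an added example, not code from the advisory or the vendor: it scans access-log lines for error.asp requests whose Message_id value contains markup characters after repeated URL-decoding. The log field order, the /store/ path, the character pattern, and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Assumption: Message_id normally carries a short identifier, so characters
# needed to open HTML or script context are treated as suspicious.
SUSPICIOUS = re.compile(r"[<>\"'`]|javascript:", re.IGNORECASE)

def fully_decode(value, max_rounds=3):
    """URL-decode repeatedly so double-encoded input (%253C) is normalised."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def message_id_values(query):
    """Yield each decoded Message_id value in a raw query string."""
    for pair in query.split("&"):
        name, _, value = pair.partition("=")
        if fully_decode(name).lower() == "message_id":
            yield fully_decode(value)

def flag_requests(log_lines):
    """Return (client_ip, decoded_value) for suspicious error.asp requests."""
    hits = []
    for line in log_lines:
        fields = line.split()
        if line.startswith("#") or len(fields) < 7:  # header or short line
            continue
        client_ip, stem, query = fields[2], fields[4], fields[5]
        if not stem.lower().endswith("/error.asp"):
            continue
        hits.extend((client_ip, v) for v in message_id_values(query)
                    if SUSPICIOUS.search(v))
    return hits

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    "#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status",
    "2004-02-17 10:01:02 192.0.2.10 GET /store/error.asp Message_id=12 200",
    "2004-02-17 10:01:09 198.51.100.7 GET /store/error.asp Message_id=%3Cscript%3Ex%3C/script%3E 200",
    "2004-02-17 10:02:41 203.0.113.5 GET /store/error.asp message_id=%253Cimg%2520src%253Dx%253E 200",
    "2004-02-17 10:03:00 192.0.2.10 GET /store/default.asp page=%3Cb%3E 200",
]

if __name__ == "__main__":
    for ip, value in flag_requests(SAMPLE_LOG):
        print(ip, repr(value))
```

A hit shows that a crafted link was requested, not that script ran in a browser; it is a starting point for reviewing which sessions were active for that client at the time.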

Impact

Successful exploitation allows the attacker to execute arbitrary script as the victim user within the WebStores application. This can lead to theft of session IDs, enabling the attacker to impersonate the victim, access personal data, and perform actions on behalf of the user.

Mitigation

No official fix or patch is mentioned in the available reference [1]. Users should consider applying generic input validation to the Message_id parameter, such as HTML-encoding its value or stripping HTML tags from it, or upgrading to a newer version of the software if available.

AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • cpe:2.3:a:webcortex:webstores_2000:6.0:*:*:*:*:*:*:*
  • (no CPE), range: = 6.0

Patches

0

No patches discovered yet.

References

3
