CVE-2017-14651
Description
WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/add_collection_ajaxprocessor.jsp via the collectionName or parentPath parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
WSO2 Data Analytics Server 3.1.0 has reflected XSS in add_collection_ajaxprocessor.jsp via collectionName or parentPath.
Vulnerability
WSO2 Data Analytics Server version 3.1.0 contains a reflected cross-site scripting (XSS) vulnerability in the carbon/resources/add_collection_ajaxprocessor.jsp page. The collectionName and parentPath parameters are not properly sanitized before being reflected in the response. Additionally, a similar issue exists in permissions_ajaxprocessor.jsp via the path parameter [1].
Exploitation
An attacker must be authenticated to exploit this vulnerability. The attacker can craft a POST request to add_collection_ajaxprocessor.jsp with malicious JavaScript payloads in the collectionName or parentPath parameters. A GET request to permissions_ajaxprocessor.jsp with a crafted path parameter also triggers XSS. User interaction is required if the attacker needs to trick a logged-in user into clicking a link or submitting a form [1].
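Detection logic for the two request shapes described above, added here as an example and not taken from WSO2 or the cited references: it flags the named parameters when their decoded values contain HTML markup characters. The Common Log Format input, the sample lines, the directory shown for permissions_ajaxprocessor.jsp and the function names are assumptions; POST bodies are checked only if a proxy or WAF captures them and passes them in as `body`.

```python
import re
from urllib.parse import urlsplit, parse_qs

# JSP page -> parameters the CVE text names as reflected without sanitization.
WATCHED = {
    "add_collection_ajaxprocessor.jsp": ("collectionName", "parentPath"),
    "permissions_ajaxprocessor.jsp": ("path",),
}
# Characters that let a value break out of HTML text or a quoted attribute.
MARKUP = re.compile(r'[<>"]')
# Common Log Format request field (assumed log format): "METHOD target HTTP/x.y"
REQUEST = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

def suspicious_params(target, body=""):
    """Return sorted [(param, decoded_value)] for watched params carrying markup."""
    parts = urlsplit(target)
    page = parts.path.rsplit("/", 1)[-1]
    hits = []
    for source in (parts.query, body):  # query string, then form-encoded body
        fields = parse_qs(source, keep_blank_values=True)
        for name in WATCHED.get(page, ()):
            for value in fields.get(name, []):
                if MARKUP.search(value):
                    hits.append((name, value))
    return sorted(hits)

def scan_access_log(lines):
    """Yield (line_number, param, value) for each flagged request line."""
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        if match:
            for name, value in suspicious_params(match.group("target")):
                yield number, name, value

# Constructed sample lines (not captured traffic); the markup is an inert tag.
# The /carbon/resources/ directory for permissions_ajaxprocessor.jsp is assumed.
SAMPLE_LOG = [
    '10.0.0.5 - admin [01/Jan/2018:10:00:00 +0000] "GET /carbon/resources/permissions_ajaxprocessor.jsp?path=%2F_system%2Fconfig HTTP/1.1" 200 512',
    '10.0.0.9 - admin [01/Jan/2018:10:00:07 +0000] "GET /carbon/resources/permissions_ajaxprocessor.jsp?path=%2F_system%22%3E%3Cb%3Ex HTTP/1.1" 200 530',
    '10.0.0.9 - admin [01/Jan/2018:10:00:09 +0000] "GET /carbon/admin/index.jsp?path=%3Cb%3E HTTP/1.1" 200 90',
]

if __name__ == "__main__":
    for hit in scan_access_log(SAMPLE_LOG):
        print(hit)
```

Only the second sample line is flagged: the first carries an ordinary registry path, and the third targets a page that is not on the watch list.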
Impact
Successful exploitation allows an attacker to execute arbitrary JavaScript in the context of the victim's session. This can lead to session hijacking, cookie theft, and potential modification of the victim's account, including password changes [1].
Mitigation
The vendor has fixed this issue; therefore, upgrading to a patched version is recommended. According to the bug report, the status is "Fixed" [1]. Specific fixed version details are not provided, so users should contact WSO2 for the latest patched release.
AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 1
Patches: 0
No patches discovered yet.
References (3)
- docs.wso2.com/display/Security/Security+Advisory+WSO2-2017-0265 (nvd: Patch, Vendor Advisory)
- cybersecurityworks.com/zerodays/cve-2017-14651-wso2.html (nvd: Exploit, Third Party Advisory)
- github.com/cybersecurityworks/Disclosed/issues/15 (nvd: Exploit, Technical Description, Third Party Advisory)