CVE-2018-17150
Description
InterSystems Cache 2017.2.2.865.0 is vulnerable to cross-site scripting (XSS), allowing remote attackers to execute arbitrary JavaScript via crafted links.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
InterSystems Cache 2017.2.2.865.0 is vulnerable to cross-site scripting (XSS), allowing remote attackers to execute arbitrary JavaScript via crafted links.
Vulnerability
InterSystems Cache versions 2017.2.2.865.0 and 2018.1.2 are affected by both stored and reflected cross-site scripting (XSS) vulnerabilities [1]. The reflected XSS can be triggered by crafting a malicious link that, when clicked by an authenticated user, executes arbitrary JavaScript in the context of the user's session. The stored XSS can be exploited by a low-privilege user to inject malicious scripts that affect administrative users.
Exploitation
An attacker can exploit reflected XSS by sending a crafted URL to an authenticated user, including administrators, without requiring authentication [1]. For stored XSS, a low-privilege user can inject malicious script into application data that is later rendered to higher-privilege users, such as administrators. No special network position is required; the attack can be launched remotely.
Impact
Successful exploitation allows an attacker to execute arbitrary JavaScript within the victim's browser, potentially leading to privilege escalation, session hijacking, or theft of sensitive data [1]. The CVSS score is 6.5 (Medium) with a vector indicating network access, low complexity, no privileges required, user interaction required, and changed scope [1].
Mitigation
InterSystems released version 2018.1.2 on March 14, 2019, which remediates some XSS instances [1]. However, remaining XSS issues persist in that version as noted in Appendix C. Users are advised to update to the latest version, disable the samples application, and avoid using Private Pages functionality as an authorization mechanism [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Intersystems/Cachedescription
- Range: = 2017.2.2.865.0
Patches
0No patches discovered yet.
Vulnerability mechanics
Root cause
"Missing input sanitization of the dashboard folder name field allows injection of arbitrary HTML and JavaScript."
Attack vector
An attacker can exploit stored XSS by creating a malicious dashboard folder name containing a JavaScript payload, such as `">
Affected code
The stored XSS occurs in the dashboard creation functionality at `/csp/samples/_DeepSee.UserPortal.Home.zen` within the InterSystems Caché Management Portal. The vulnerable field is the new dashboard folder name, which is stored and later rendered at `/csp/samples/_DeepSee.UI.FolderManager.zen` [ref_id=1]. The advisory also notes that reflected XSS instances exist but does not enumerate specific endpoints [ref_id=1].
What the fix does
The advisory states that InterSystems released Cache 2018.1.2 on March 14, 2019, which remediated "some instances of cross-site scripting (XSS)" [ref_id=1]. However, the remaining XSS instances persisted as described in the advisory's Appendix C [ref_id=1]. The recommended mitigations include updating to the latest version, disabling the samples application, and avoiding use of the Private Pages functionality as an authorization mechanism [ref_id=1]. No patch diff is provided in the bundle.
Preconditions
- authFor stored XSS, the attacker must be a low-privilege authenticated user of the InterSystems Caché Management Portal
- inputFor reflected XSS, the attacker must entice an authenticated user (including administrators) to click a malicious link
- configThe samples application must be enabled (default configuration)
- networkNetwork access to the InterSystems Caché web interface is required
Generated on May 25, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
1- know.bishopfox.com/advisories/intersystems-cache-2017-2-2-865-0-vulnerabilitiesmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.