CVE-2018-19649
Description
XSS exists in InfoVista VistaPortal SE Version 5.1 (build 51029). VPortal/mgtconsole/RolePermissions.jsp has reflected XSS via the ConnPoolName parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A reflected XSS vulnerability in InfoVista VistaPortal SE 5.1 (build 51029) exists in RolePermissions.jsp via the ConnPoolName parameter, allowing arbitrary script execution.
Vulnerability
A reflected cross-site scripting (XSS) vulnerability exists in InfoVista VistaPortal SE Version 5.1 (build 51029) in the VPortal/mgtconsole/RolePermissions.jsp endpoint. The ConnPoolName parameter is not properly sanitized before being reflected back to the user, allowing an attacker to inject arbitrary HTML or JavaScript [1].
Exploitation
The attacker must craft a malicious URL containing a payload in the ConnPoolName parameter and deliver it to a victim who is authenticated to the VistaPortal management console. No user interaction beyond clicking the link (or being redirected) is required. The payload is reflected immediately in the server response and executed in the victim's browser context [1].
Impact
Successful exploitation enables the attacker to execute arbitrary JavaScript in the context of the victim's session within the VistaPortal application. This can lead to session hijacking, defacement, or theft of sensitive information accessible within the management console. The attack does not require any special privileges beyond the victim having an active session [1].
Mitigation
As of the publication date, no vendor patch or workaround has been disclosed in the available references. The advisory from Packet Storm [1] indicates the vulnerability affects VistaPortal SE 5.1 (build 51029). It is recommended to apply any vendor updates or mitigations if they become available, and to restrict access to the management console to trusted networks.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
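A detection sketch for the reflected parameter described above, added here as an example and not taken from the advisory or from InfoVista. It scans web access logs for requests to RolePermissions.jsp whose ConnPoolName value falls outside an allowlist; the allowlist pattern, the combined log format, and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Path and parameter named in the CVE description (compared case-insensitively).
TARGET_PATH = "/vportal/mgtconsole/rolepermissions.jsp"
PARAM = "connpoolname"
# Assumption: legitimate connection pool names are short plain identifiers.
SAFE_VALUE = re.compile(r"[A-Za-z0-9 _.\-]{0,64}")
# Request line inside a combined-format access log entry (assumed log format).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')


def fully_decode(value, rounds=3):
    """Percent-decode several times so double-encoded input is inspected too."""
    for _ in range(rounds):
        value = unquote(value)
    return value


def suspicious_requests(log_lines):
    """Return (line_number, decoded_value) for ConnPoolName values off the allowlist."""
    hits = []
    for number, line in enumerate(log_lines, start=1):
        match = REQUEST.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        if fully_decode(url.path).lower() != TARGET_PATH:
            continue
        query = parse_qs(url.query, keep_blank_values=True)
        for name, values in query.items():
            if name.lower() == PARAM:
                hits += [(number, v) for v in map(fully_decode, values)
                         if not SAFE_VALUE.fullmatch(v)]
    return hits


# Constructed sample lines (not real traffic).
SAMPLE_LOG = [
    '10.0.0.5 - admin [01/Dec/2018:10:00:00 +0000] "GET /VPortal/mgtconsole/RolePermissions.jsp?ConnPoolName=MainPool HTTP/1.1" 200 512',
    '10.0.0.9 - - [01/Dec/2018:10:01:00 +0000] "GET /VPortal/mgtconsole/RolePermissions.jsp?ConnPoolName=%3Cb%3Ex%3C%2Fb%3E HTTP/1.1" 200 530',
    '10.0.0.9 - - [01/Dec/2018:10:02:00 +0000] "GET /VPortal/mgtconsole/RolePermissions.jsp?connpoolname=%253Cb%253Ex HTTP/1.1" 200 530',
    '10.0.0.7 - - [01/Dec/2018:10:03:00 +0000] "GET /VPortal/index.jsp?q=%3Cb%3E HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for number, value in suspicious_requests(SAMPLE_LOG):
        print(f"line {number}: ConnPoolName={value!r}")
```

This only sees parameters carried in the query string; values submitted in a POST body need request-body logging at a proxy or WAF to be inspected the same way.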
Affected products
- Range: = 5.1 (build 51029)
Patches
No patches discovered yet.
References
- packetstormsecurity.com/files/150690/VistaPortal-SE-5.1-Cross-Site-Scripting.html (mitre, x_refsource_MISC)
- seclists.org/fulldisclosure/2018/Dec/20 (mitre, mailing-list, x_refsource_FULLDISC)