CVE-2018-19769
Description
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "UserProperties.jsp" has reflected XSS via the ConnPoolName parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Reflected XSS in InfoVista VistaPortal SE 5.1 via ConnPoolName parameter on UserProperties.jsp allows remote attackers to inject arbitrary web script.
Vulnerability
InfoVista VistaPortal SE Version 5.1 (build 51029) contains a reflected cross-site scripting (XSS) vulnerability in the UserProperties.jsp page [1]. The ConnPoolName parameter is not properly sanitized before being reflected back to the user, allowing an attacker to inject arbitrary HTML or JavaScript code. The vulnerable version is explicitly named as build 51029 [1].
Exploitation
An attacker can exploit this vulnerability by crafting a malicious URL containing the XSS payload in the ConnPoolName parameter and tricking a user into clicking it. No authentication is required, but user interaction is needed for the victim to load the constructed link [1]. The reflection occurs when the server responds with the unescaped input.
Impact
Successful exploitation allows the attacker to execute arbitrary JavaScript in the context of the victim's browser session. This can lead to information disclosure, session hijacking, or defacement of the affected portal page. The impact is limited to the user's browser session and does not provide server-side code execution [1].
Mitigation
The first reference discloses the issue via Packet Storm but does not mention an official fix [1]. No patch or fixed version is listed in the available references. Users should apply input validation or output encoding for the ConnPoolName parameter as a workaround. As of the publication date, users may need to contact the vendor for an update.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: = 5.1 (build 51029)
Patches
No patches discovered yet.
References
- packetstormsecurity.com/files/150690/VistaPortal-SE-5.1-Cross-Site-Scripting.html (mitre, x_refsource_MISC)
- seclists.org/fulldisclosure/2018/Dec/20 (mitre, mailing-list, x_refsource_FULLDISC)