CVE-2018-8978
Description
Open-AudIT Professional 2.1 has XSS via a crafted src attribute of an IMG element within a URI.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Open-AudIT Professional 2.1 is vulnerable to reflected cross-site scripting via a crafted IMG src attribute in a URI.
Vulnerability
Open-AudIT Professional 2.1 is susceptible to a reflected cross-site scripting (XSS) vulnerability. The application reflects user-supplied input from the URI without proper sanitization, allowing an attacker to inject an IMG element with a crafted src attribute. The vulnerability is triggered when the URI contains a malicious payload, such as a data URI with base64-encoded JavaScript, as demonstrated in the proof-of-concept [1]. The affected version is Open-AudIT Professional 2.1.
Exploitation
An attacker can exploit this vulnerability by crafting a URI that includes an IMG tag with a malicious src attribute (e.g., data:text/html;base64,...). The attacker must convince a victim to click the crafted link. No authentication or special privileges are required. The injected script is reflected in the server's response and executed in the victim's browser [1].
Impact
Successful exploitation allows the attacker to execute arbitrary JavaScript in the context of the victim's browser. This can lead to session hijacking, credential theft, defacement, or other actions performed on behalf of the authenticated user. The impact is limited to the browser session and does not directly compromise the server [1].
Mitigation
As of the publication date (March 25, 2018), no official patch or workaround has been disclosed in the available references. Users should monitor vendor updates for a fix. If possible, restrict access to the application or apply input validation and output encoding to prevent XSS [1].
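To make the mitigation concrete, the following added example (not code from the page or from Open-AudIT) shows the reflection defect beside its output-encoded form, and a small detection routine that flags access-log requests carrying an IMG element or data:text/html URI in a query value. The parameter name, request path, and log lines are constructed assumptions; the page does not name the vulnerable parameter.

```python
import html
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample value in the shape the CVE describes: an IMG element whose
# src is a data URI. The base64 body is a placeholder, not a real payload.
SAMPLE_VALUE = '<img src="data:text/html;base64,PLACEHOLDER">'


def render_unsafe(value: str) -> str:
    """The defect pattern: the URI-supplied value is reflected verbatim."""
    return f"<p>Requested: {value}</p>"


def render_safe(value: str) -> str:
    """Hardened form: HTML-encode before reflecting into an HTML text context."""
    return f"<p>Requested: {html.escape(value, quote=True)}</p>"


IMG_TAG_RE = re.compile(r"<\s*img\b", re.IGNORECASE)
DATA_HTML_RE = re.compile(r"data\s*:\s*text/html", re.IGNORECASE)
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/')


def flag_request(log_line: str) -> bool:
    """Detection: parse the request target of a CLF-style access log line,
    URL-decode each query value, and flag IMG elements or data:text/html URIs."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return False
    query = urlsplit(match.group(1)).query  # split before decoding
    for values in parse_qs(query, keep_blank_values=True).values():
        if any(IMG_TAG_RE.search(v) or DATA_HTML_RE.search(v) for v in values):
            return True
    return False


# Constructed log lines; "/app/page" and "redirect" are assumed names.
LOG_LINES = [
    '10.0.0.5 - - [25/Mar/2018:10:00:00 +0000] "GET /app/page HTTP/1.1" 200 512',
    '10.0.0.9 - - [25/Mar/2018:10:00:01 +0000] "GET /app/page?redirect='
    '%3Cimg+src%3D%22data%3Atext%2Fhtml%3Bbase64%2CPLACEHOLDER%22%3E HTTP/1.1" 200 640',
]


def flagged_lines(lines=LOG_LINES):
    """Return the log lines that match the reflected-XSS request pattern."""
    return [line for line in lines if flag_request(line)]
```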
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: = 2.1
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
[1] nileshsapariya.blogspot.ae/2018/03/open-redirect-to-reflected-xss-open.html (MITRE x_refsource_MISC)
News mentions
No linked articles in our index yet.