VYPR
Unrated severity · NVD Advisory · Published Jul 15, 2020 · Updated Aug 4, 2024

CVE-2020-15051

Description

Artica Proxy before 4.30.000000 contains multiple stored XSS vulnerabilities in various input fields.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

Artica Proxy before version 4.30.000000 contains multiple stored cross-site scripting (XSS) vulnerabilities in several administrative input fields. The affected fields include Server Domain Name, Your Email Address, Group Name, MYSQL Server, Database, MYSQL Username, and Task Description. An attacker can inject arbitrary JavaScript or HTML that is stored and then executed when an administrator views the affected pages [1].

Exploitation

To exploit these vulnerabilities, an attacker needs authenticated access with the ability to modify the vulnerable fields. The attacker submits crafted input containing malicious scripts in any of the listed fields. When an administrator subsequently accesses the management interface and views the stored data, the injected script executes in the context of the victim's browser session. No additional user interaction beyond the administrator viewing the affected page is required [1].

Impact

Successful exploitation allows the attacker to execute arbitrary JavaScript in the context of the administrator's browser session. This can lead to session hijacking, defacement of the administrative interface, or redirection to malicious sites. The XSS executes with the privileges of the authenticated administrator, potentially allowing further compromise of the Artica Proxy appliance [1].

Mitigation

The issue is fixed in Artica Proxy version 4.30.000000 as indicated by the advisory [1]. Administrators should upgrade to this version or later. No workarounds are documented in the available references. If immediate upgrade is not possible, restrict access to the administrative interface to trusted users only.

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

Patches

0

No patches discovered yet.

References

1
