In accountrecoveryendpoint/recoverpassword.do in WSO2 Identity Server 5.7.0, it is possible to perform a DOM-Based XSS attack affecting the callback parameter modifying the URL that precedes the callback parameter. Once the username or password reset procedure is completed, the JavaScript code will be executed. (recoverpassword.do also has an open redirect issue for a similar reason.)
References
Link | Resource |
---|---|
https://docs.wso2.com/display/Security/2021+Advisories | Vendor Advisory |
https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2021-1314 | Vendor Advisory |
https://docs.wso2.com/display/Security/2021+Advisories | Vendor Advisory |
https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2021-1314 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 06:14
Type | Values Removed | Values Added |
---|---|---|
References | () https://docs.wso2.com/display/Security/2021+Advisories - Vendor Advisory | |
References | () https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2021-1314 - Vendor Advisory |
Information
Published : 2021-12-07 21:15
Updated : 2024-11-21 06:14
NVD link : CVE-2021-36760
Mitre link : CVE-2021-36760
CVE.ORG link : CVE-2021-36760
JSON object : View
Products Affected
wso2
- identity_server_as_key_manager
- iot_server
- identity_server
- api_manager
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')