I use GoDaddy.com's Website Protection Site Scanner for many websites I manage. The site scanner came back recently with a warning on one site there is a stating Cross-Site Scripting Vulnerability. I was hoping someone else may have been flagged with this and would be able to help save me a lot of time figuring out a fix. My site is on Joomla 1.7.3.
The remote web server is prone to cross-site scripting attacks.
The remote web server hosts one or more cgi scripts that fail to
leveraging this issue, an attacker may be able to cause arbitrary HTML
and script code to be executed in a user's browser within the security
context of the affected site. These XSS vulnerabilities are likely to
be 'non-persistent' or 'reflected'.
See Also: http://en.wikipedia.org/wiki/Cross_site ... persistent http://www.Site
Medium / CVSS Base Score : 4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
Restrict access to the vulnerable application. Contact the vendor
for a patch or upgrade.
Using the POST HTTP method, Site Scanner found that :
+ The following resources may be vulnerable to cross-site scripting (extended patterns) :
+ The 'searchword' parameter of the /component/search/ CGI :
/component/search/ [searchword=508 src=http://www.example.com/exploit508
-------- output --------
Search Keyword: </label>
<input type="text" name="searchword" id="search-searchword" size="30" ma
xlength="20" value="508 src=http://www.example.com/exploit508.js" class=
<button name="Search" onclick="this.form.submit()" class="button"> [...]
<input type="hidden" name="task" value="search" />
Other references : CWE:79, CWE:80, CWE:81, CWE:83, CWE:20, CWE:74, CWE:442, CWE:712, CWE:722, CWE:725, CWE:811, CWE:751, CWE:801, CWE:116, CWE:692, CWE:86