BASE, a well known Snort Frontend has 3 Persistent Cross Site Scripting
For those who don't know, Cross-Site Scripting allows the attacker to inject
vulnerability exists in BASE, this allows an attacker to drop alerts(all of
them or specific alerts), modify user information including passwords,
modify the configuration of BASE and many other tasks. The only limitation
is the attacker's creativity.
The vulnerabilities exist in pages that use the information from 3 different
components of BASE including: alert groups, roles and user information.
For creating a user, the name field was found to be vulnerable. For the name
For creating an alert group, we just need to include a closure for the html
html encoding being used on the page.
For creating a role, both the name and the description field were
vulnerable. The name field was limited to a specific number of characters.
To verify I just injected XSS and verified it rendered properly. The
Screenshots can be found at: