VID 210153
Severity 40
Port 80, ...
Protocol TCP
Class CGI
Detailed Description: The web server on the host system is vulnerable to an XPath injection attack.
XPath injection attacks occur when a web site uses user-supplied information to construct an XPath query for XML data. By sending intentionally malformed information to the web site, an attacker can find out how the XML data is structured, or access data that he may not normally have access to. He may even be able to elevate his privileges on the web site if the XML data is being used for authentication. Therefore, when a web site uses XPath, the web server should validate user input.

* References:
https://www.owasp.org/index.php/XPATH_Injection

* Platforms Affected:
Any HTTP server: Any version
Any operating system: Any version
Recommendation: Take the following steps:
Check whether input values contain XPath expressions, and filter out any that are found.
For instance, special characters that can break an XPath query, such as the following, should be blocked:
( ) = ' [ ] : , * / etc
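
One way to apply this recommendation, as an added example that is not part of the original entry: a Python check that rejects the characters listed above before a value is placed in an XPath predicate. The sample XML, the function names and the length limit are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Characters the recommendation above lists as able to break an XPath query.
XPATH_BLOCKED = set("()='[]:,*/")

# Constructed sample data (assumption, not from the advisory).
USERS_XML = """<users>
  <user name="alice" role="admin"/>
  <user name="bob" role="user"/>
</users>"""
ROOT = ET.fromstring(USERS_XML)


def is_safe_xpath_value(value, max_len=64):
    """Return True only if value contains none of the blocked characters."""
    if not isinstance(value, str) or not value or len(value) > max_len:
        return False
    return not any(ch in XPATH_BLOCKED for ch in value)


def find_role(username, root=ROOT):
    """Look up a user's role; refuse input that could alter the query."""
    if not is_safe_xpath_value(username):
        raise ValueError("input contains characters not allowed in XPath values")
    # The value cannot close the single-quoted literal or the predicate,
    # because ' and ] were rejected above.
    node = root.find(f"./user[@name='{username}']")
    return node.get("role") if node is not None else None


if __name__ == "__main__":
    # Constructed inputs: two valid names, one unknown name, two rejected values.
    for candidate in ["alice", "bob", "carol", "alice'", "bob]"]:
        try:
            print(repr(candidate), "->", find_role(candidate))
        except ValueError as exc:
            print(repr(candidate), "-> rejected:", exc)
```

Where the field format allows it, an allowlist of expected characters (for example letters and digits only) is stricter than this denylist.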