Category: XXE

CVE-2016-10097, XXE, SSO, Open AM 10.1.0, XML Injection, SAML Request Parameter

CVE-2016-10097 – See Also Indicators of Compromise DORK: “Copyright © 2010 ForgeRock AS, Philip Pedersens vei 1, 1366 Lysaker, Norway” XML External Entity (XXE) Vulnerability in /SSOPOST/metaAlias/%realm%/idpv2 in OpenAM – Access Management 10.1.0 allows remote attackers to read arbitrary files via the SAMLRequest parameter. XXE Proof of Concept (PoC) Code for Exploit against Open AM 10.1.0 […]

CVE-2016-10097, Open AM 10.1.0, XML Injection, XXE, External Entity Resolution, SSO Data Exfiltration, PoC

TL;DR – Open AM 10.1 exploitable via XXE at /SSOPOST/metaAlias/%realm%/idpv2 XML External Entity (XXE) Vulnerability in /SSOPOST/metaAlias/%realm%/idpv2 in OpenAM – Access Management 10.1.0 allows remote attackers to read arbitrary files via the SAMLRequest parameter. XXE is a means to an RCE Endpoint. XXE provides visibility into the Target System. You may find old JBOSS, PHP, Tomcat, Apache or […]

CVE-2013-1034, Stored XSS, XXE, OS X Server v2.2.1, APPLE-SA-2013-09-17-1, HTML Injection, JSON XSS, Stored DOM XSS, SQL Injection

CVE-2013-1034 Summary Last Updated 18/9/2013 @ 1800 GMTAPPLE-SA-2013-09-17-1 was released on September 17, 2013 to address multiple Bugs in OS X Server 2.2.1(163), collabd, reported to Apple Product Security on April 17, 2013. KeywordsCVE-2013-1034, Cross-Site Scripting, Apple, APPLE-SA-2013-09-17-1, CWE-79, CAPEC-86, CWE-611, OS X Version 2.2.1, DoS, Crash, CAPEC-66, Colladb, Ruby on Rails, PostgreSQLImpactCVSS Severity (version 2.0):CVSS v2 Base Score:4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N)Impact Subscore: 2.9Exploitability Subscore: 8.6CVSS […]