CVE-2022-25256

Published: Feb 19, 2022Modified: Nov 21, 2024

6.1

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Exploitability: 2.8 / Impact: 2.7

Source: NVD

Description

SAS Web Report Studio 4.4 allows XSS. /SASWebReportStudio/logonAndRender.do has two parameters: saspfs_request_backlabel_list and saspfs_request_backurl_list. The first one affects the content of the button placed in the top left. The second affects the page to which the user is directed after pressing the button, e.g., a malicious web page. In addition, the second parameter executes JavaScript, which means XSS is possible by adding a javascript: URL.

Affected (1)

Products: Sas: Web Report Studio

1 product

Web Report Studio

Configuration A

1 vulnerable · 5 platform

Vulnerable Software	Affected Versions
Sas Web Report Studio	Version 4.4

Running on/with	Platform Versions
Hpe Hp Ux Ipfilter	All versions
Ibm Aix	All versions
Linux Linux Kernel	All versions
Microsoft Windows	All versions
Oracle Solaris	All versions

Related CWEs

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (6)

https://github.com/RobertDra/CVE-2022-25256

Source: cve@mitre.org

Broken Link

https://sas.com

Source: cve@mitre.org

Product

https://support.sas.com/kb/62/972.html

Source: cve@mitre.org

Vendor Advisory

https://github.com/RobertDra/CVE-2022-25256

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

https://sas.com

Source: af854a3a-2127-422b-91ae-364da2661108

Product

https://support.sas.com/kb/62/972.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.