ET WEB_SPECIFIC_APPS IBM Lotus Sametime Server stconf.nsf Cross Site Scripting Attempt

SID: 2012395Rev: 40 views

Sourceet/open

CreatedMarch 1, 2011

UpdatedSeptember 13, 2020

Classificationweb-application-attack

alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS IBM Lotus Sametime Server stconf.nsf Cross Site Scripting Attempt"; flow:established,to_server; http.uri; content:"stconf.nsf"; nocase; content:"unescape"; nocase; fast_pattern; pcre:"/stconf.nsf.+(script|onmouse[a-z]+|onkey[a-z]+|onload|onunload|ondragdrop|onblur|onfocus|onclick|ondblclick|onsubmit|onreset|onselect|onchange|style\x3D).+unescape/i"; reference:bid,46471; reference:cve,2011-1038; classtype:web-application-attack; sid:2012395; rev:4; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2011_03_01, cve CVE_2011_1038, deployment Datacenter, signature_severity Major, tag XSS, tag Cross_Site_Scripting, updated_at 2020_09_13;)

References

bid	46471
cve	2011-1038

Metadata

affected productWeb_Server_Applications

attack targetWeb_Server

created at2011_03_01

cveCVE-2011-1038

deploymentDatacenter

signature severityMajor

tagCross_Site_Scripting

updated at2020_09_13

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!