HTTP: InterWoven WorkDocs XSS Vulnerability

This signature detects attempts to exploit a known cross-site scripting vulnerability in Interwoven WorkDocs, an enterprise document management tool. An attacker can inject script code into a malformed URL, which may lead to many different attack scenarios, including the gathering of credentials for use within WorkDocs. The victim's browser behaves according to the functionality of the injected script. For example, if the attacker injects the script "<script>location.reload()</script>", the client's browser keeps reloading the present URL indefinitely, forcing the visitor to close the current browser window. If the script is "<script>alert(document.cookie)</script>", the browser pops up an alert dialog displaying the current cookie. The behaviour seen on the attack target therefore depends on the goal of the attacker.

Short Name
HTTP:STC:INTERWOVEN-WORKDOC-XSS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
InterWoven Vulnerability WorkDocs XSS
Release Date
06/14/2015
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown