2FA VPN Authorization email link is vulnerable to XSS injection

Hello,

We have recently enabled 2-Factor Authentication for VPN Access on a Zywall 110. We noticed that the Authentication link is vulnerable to XSS injection, as displayed below:

https://Address/2FA-access.cgi?key=%22;%20alert(1)//

We removed the Address, but this is the link that is sent via email. We have modified the key to show a proof of concept.

Will there be a fix for this in future firmware updates?

We look forward to your reply.
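The pattern the post reports is a query parameter (`key`) reflected into the approval page without context-appropriate encoding. The following is an added illustration of that defect and its fix, not code from the original post or from the Zyxel firmware; the hostname `address.example`, the page layout, the element id `tfa-key`, and the assumed key format (32 lowercase hex characters) are all assumptions for the example. It decodes the reported URL, shows how raw concatenation into an inline script lets the key terminate the string literal, and then shows the two defensive steps: validate the key against the format the server itself issued, and keep it out of script context entirely by HTML-encoding it into a data attribute.

```javascript
// Added example (not Zyxel's code). Demonstrates unsafe vs. safe reflection
// of a 2FA approval "key" parameter into an HTML page.

// Pull the key parameter out of an approval link. URL parsing percent-decodes
// it, so %22 becomes a literal double quote. (Hostname is a placeholder.)
function extractKey(link) {
  return new URL(link).searchParams.get('key');
}

// Shape of the payload from the report, after decoding.
const POC_KEY = '"; alert(1)//';

// UNSAFE: raw concatenation into an inline script string literal. A key
// containing a double quote closes the literal and the rest is executed.
function renderUnsafe(key) {
  return `<script>var key = "${key}";</script>`;
}

// Step 1 of the fix: accept only keys in the format the server issued.
// The format here is an assumption (32 lowercase hex chars); use whatever
// the generator actually produces.
const KEY_FORMAT = /^[0-9a-f]{32}$/;
function isValidKey(key) {
  return typeof key === 'string' && KEY_FORMAT.test(key);
}

// Step 2 of the fix: encode for the output context. This is HTML attribute/
// text encoding; it is NOT sufficient for inline JavaScript, which is why the
// safe renderer below never places the key inside <script> at all.
const HTML_ESCAPES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;', '`': '&#96;',
};
function escapeHtml(s) {
  return s.replace(/[&<>"'`]/g, (c) => HTML_ESCAPES[c]);
}

// SAFE: reject malformed keys, then expose the key through a data attribute
// and have the script read it from the DOM instead of from page source.
function renderSafe(key) {
  if (!isValidKey(key)) return null; // caller should answer 400, not render
  return (
    `<div id="tfa-key" data-key="${escapeHtml(key)}"></div>` +
    `<script>var key = document.getElementById('tfa-key').dataset.key;</script>`
  );
}

// Check used by the test: does the inline script consist of exactly one
// string assignment with no unescaped quote inside it? If the key broke out
// of the literal, this returns false.
function scriptIsSingleStringAssignment(html) {
  const m = /<script>([\s\S]*?)<\/script>/.exec(html);
  if (!m) return false;
  return /^var key = "[^"\\]*";$/.test(m[1]);
}

// Stand-alone run: show the decoded key and both renderings.
const reportedLink = 'https://address.example/2FA-access.cgi?key=%22;%20alert(1)//';
console.log('decoded key :', JSON.stringify(extractKey(reportedLink)));
console.log('unsafe page :', renderUnsafe(POC_KEY));
console.log('safe page   :', renderSafe(POC_KEY)); // null: rejected by validation
```

The validation step alone would have stopped the reported payload, but the encoding step matters for any future change that widens the accepted key alphabet; the two are complementary, and the server should return an error for a rejected key rather than render anything.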
