2FA VPN Authorization email link is vulnerable to XSS injection
Options
Freshman Member
Hello,
We have recently enabled 2 Factor Authentication for VPN Access on a Zywall 110. We noticed that the Authentication link is vulnerable to XSS injection, as displayed below:
https://Address/2FA-access.cgi?key=%22;%20alert(1)//
We removed the Address, but this is the link that is sent via email. We have modified the key to show a proof of concept.
Will there be a fix for this in future firmware updates?
We look forward to your reply.
We have recently enabled 2 Factor Authentication for VPN Access on a Zywall 110. We noticed that the Authentication link is vulnerable to XSS injection, as displayed below:
https://Address/2FA-access.cgi?key=%22;%20alert(1)//
We removed the Address, but this is the link that is sent via email. We have modified the key to show a proof of concept.
Will there be a fix for this in future firmware updates?
We look forward to your reply.
0
All Replies
-
Hi @inchica,We are aware of this issue and will fix it in the next official version.1
Guru Member
Categories
- All Categories
- 439 Beta Program
- 2.7K Nebula
- 191 Nebula Ideas
- 121 Nebula Status and Incidents
- 6.2K Security
- 468 USG FLEX H Series
- 308 Security Ideas
- 1.6K Switch
- 82 Switch Ideas
- 1.3K Wireless
- 44 Wireless Ideas
- 6.8K Consumer Product
- 281 Service & License
- 440 News and Release
- 88 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 93 Security Highlight
