
Horos 2.1.0 Web Portal DOM Based XSS

Medium
Advisory ID
ZSL-2016-5385
Release Date
16 December 2016
Vendor
Affected Version
2.1.0
CVE
N/A
Tested On
macOS 12.10.2 (Sierra)
Summary

Horos™ is an open-source, free medical image viewer. The goal of the Horos Project is to develop a fully functional, 64-bit medical image viewer for OS X. Horos is based upon OsiriX and other open source medical imaging libraries.

Description

Horos suffers from a DOM-based XSS vulnerability because user-controlled input reaches a dangerous HTML modification sink ((element).innerHTML) without proper sanitization. This can be exploited to execute arbitrary HTML and script code in the user's browser DOM in the context of the affected site.
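The sink pattern described above, shown as an added example rather than code from Horos: a vulnerable renderer that writes a URL-fragment value into innerHTML, next to the hardened form that treats the value as text. The element stub, the `valueFromHash` helper and the `name` parameter are assumptions made so the snippet runs offline in Node.

```javascript
// Minimal stand-in for a DOM element so this runs without a browser.
// It mimics how a browser serializes textContent back into innerHTML:
// text set via textContent is escaped, text set via innerHTML is parsed.
function makeElement() {
  return {
    _html: "",
    set innerHTML(v) { this._html = String(v); },
    get innerHTML() { return this._html; },
    set textContent(v) { this._html = escapeHtml(String(v)); },
  };
}

// Encode the five characters that can change HTML structure.
function escapeHtml(s) {
  return s.replace(/[&<>"']/g, (c) => ({
    "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
  })[c]);
}

// DOM source: a key read from the URL fragment (constructed input, modelled
// on location.hash). Returns the decoded value or "" if absent.
function valueFromHash(hash, key) {
  const params = new URLSearchParams(hash.replace(/^#/, ""));
  return params.get(key) || "";
}

// VULNERABLE: the pattern the advisory reports. The fragment value is
// parsed as markup, so any tags or event handlers in it become live.
function renderUnsafe(el, hash) {
  el.innerHTML = "Patient: " + valueFromHash(hash, "name");
  return el.innerHTML;
}

// HARDENED: the same value is assigned as text and can never create nodes.
function renderSafe(el, hash) {
  el.textContent = "Patient: " + valueFromHash(hash, "name");
  return el.innerHTML;
}

// Detection helper for a code review or unit test: does the rendered HTML
// contain a tag that was not part of the static template?
function hasInjectedTag(html) {
  return /<[a-z][\s\S]*>/i.test(html);
}
```

In a real page, replace the stub with `document.getElementById(...)` and prefer `textContent` (or a vetted sanitizer) over `innerHTML` wherever untrusted data is displayed.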

Proof of Concept
Disclosure Timeline
15.12.2016 Vendor informed.
Credits
Vulnerability discovered by Gjoko Krstic
References
Changelog
16.12.2016 Initial release
20.12.2016 Added reference [1] and [2]
24.12.2016 Added reference [3]