CAPEC-198

Detailed Abstraction Level
Meta — Very abstract, high-level category
Standard — Specific enough to understand
Detailed — Tied to specific technique
Draft MITRE CAPEC Status
Stable — Fully reviewed and complete
Draft — Under development
Incomplete — Partially defined
Deprecated — No longer recommended
Obsolete — Replaced by another CAPEC
Severity: Medium
XSS Targeting Error Pages

Description

An adversary distributes a link (or possibly some other query structure) with a request to a third party web server that is malformed and also contains a block of exploit code in order to have the exploit become live code in the resulting error page.

Prerequisites

A third party web server which fails to adequately sanitize messages sent in error pages.

The victim must be made to execute a query crafted by the adversary which results in the infected error report.

Mitigations

Design: Use libraries and templates that minimize unfiltered input.

Implementation: Normalize, filter and use an allowlist for any input that will be used in error messages.

Implementation: The victim should configure the browser to minimize active content from untrusted sources.