CVE-2016-4311

HIGH

WSO2 Identity Server 5.1.0 - Cross-Site Request Forgery in XACML Flow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-4311. PoCs published by hyp3rlinx.

AI-analyzed exploit summary This exploit demonstrates an XML External Entity (XXE) vulnerability in WSO2 Identity Server v5.1.0, allowing an attacker to exfiltrate system files (e.g., Windows hosts file) to a remote server via a malicious DTD file. The attack can be executed remotely via CSRF if an authenticated user interacts with a crafted form.

Description

Cross-site request forgery (CSRF) vulnerability in the XACML flow feature in WSO2 Identity Server 5.1.0 allows remote attackers to hijack the authentication of privileged users for requests that process XACML requests via an entitlement/eval-policy-submit.jsp request.

Exploits (1)

exploitdb WORKING POC VERIFIED

by hyp3rlinx · textwebappsjsp

https://www.exploit-db.com/exploits/40239

View Code ZIP pw:eip

This exploit demonstrates an XML External Entity (XXE) vulnerability in WSO2 Identity Server v5.1.0, allowing an attacker to exfiltrate system files (e.g., Windows hosts file) to a remote server via a malicious DTD file. The attack can be executed remotely via CSRF if an authenticated user interacts with a crafted form.

Classification

Working Poc 100%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: WSO2 Identity Server v5.1.0

Auth required

Prerequisites: Authenticated user session · Victim interaction (CSRF) · Attacker-controlled server to host DTD and receive exfiltrated data

MITRE ATT&CK