Dear Hackers,

About DiskBoss:

DiskBoss is an automated disk space analysis and file management solution allowing one to perform various types of disk space analysis, file classification, duplicate files search, file synchronization, disk change monitoring, file management, file delete and data wiping operations on local disks, network shares, NAS devices and enterprise storage systems. DiskBoss is developed and supported by Flexense Ltd. - an independent software vendor specialized in data management software products for automated disk space analysis, file classification, file synchronization, rule-based file management, server monitoring, file delete and data wiping operations. Flexense Ltd. sells its software products to more than 75 countries around the world and provides full support for all types of customers including consumers, small businesses, large enterprises, educational institutions and governments.

I know DiskBoss for its vulnerability CVE-2018-5262. This is a buffer overflow; I will always only use it for capture the flag or ethical hacking XD. So I decided to research this vendor.

This XSS in Flexense DiskBoss affects all versions; it was tested from DiskBoss Enterprise v7.4.28 to v9.1.16. The attack gives an attacker code execution. The vulnerability affects the confidentiality of personal data and can lead to theft of confidential information, for example session credentials, cookie information or personal information, or to a possible loss of control of the PC.

To reproduce the vulnerability, see the related evidence:

Diskboss

- Attack vector: /?n0ipr0cs<script>alert('XSS')</script>n0ipr0cs=1

- Attack Type: Remote

- Reference: https://cwe.mitre.org/data/definitions/79.html
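
An added example, not from the original post or from Flexense: a hypothetical Python handler that reflects the query string of the attack vector quoted above, beside a version that HTML-escapes it, plus a check showing why a filter that inspects only parameter values misses markup placed in the parameter name. The page template, function names and filters are assumptions for illustration; DiskBoss's actual server code is not shown on this page.

```python
"""Added illustration: reflected XSS when markup sits in a query parameter NAME."""
import html
from urllib.parse import urlsplit, parse_qsl

# Request target taken from the attack vector quoted in the post.
SAMPLE_TARGET = "/?n0ipr0cs<script>alert('XSS')</script>n0ipr0cs=1"

# Hypothetical response template (assumption, not DiskBoss's real page).
PAGE = "<html><body><p>Unknown request: {}</p></body></html>"


def render_vulnerable(target: str) -> str:
    """Hypothetical handler: echoes the raw query string into HTML (CWE-79)."""
    return PAGE.format(urlsplit(target).query)


def render_hardened(target: str) -> str:
    """Same handler, but everything reflected is HTML-escaped at output time."""
    return PAGE.format(html.escape(urlsplit(target).query, quote=True))


def values_only_filter_flags(target: str) -> bool:
    """Naive input filter that inspects parameter values only."""
    pairs = parse_qsl(urlsplit(target).query, keep_blank_values=True)
    return any("<" in value or ">" in value for _, value in pairs)


def names_and_values_filter_flags(target: str) -> bool:
    """Filter that inspects parameter names as well as values."""
    pairs = parse_qsl(urlsplit(target).query, keep_blank_values=True)
    return any("<" in part or ">" in part for pair in pairs for part in pair)


if __name__ == "__main__":
    print("values-only filter flags request:", values_only_filter_flags(SAMPLE_TARGET))
    print("names+values filter flags request:", names_and_values_filter_flags(SAMPLE_TARGET))
    print("vulnerable:", render_vulnerable(SAMPLE_TARGET))
    print("hardened:  ", render_hardened(SAMPLE_TARGET))
```

Escaping at the point of output is the fix that holds regardless of where in the request the markup arrives; the input filters are shown only to make the parameter-name gap visible.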

The vulnerability has been assigned CVE-2018-10294. I have asked them to please update the website under DiskBoss news, 12-Apr-2018 - DiskBoss v9.2, because the vulnerability has been fixed. The new product version (v9.2.18) fixes a number of bugs and security vulnerabilities, including CVE-2018-10294.

This vulnerability was discovered by Francisco Javier Santiago Vazquez, aka "n0ipr0cs".

See you soon.

UPDATE: The vulnerability also involves all products and versions. The following CVEs have been assigned:

- XSS in Flexense DiskBoss, affects all versions: CVE-2018-10294

- XSS in Flexense SyncBreeze, affects all versions: CVE-2018-10563

- XSS in Flexense DiskPulse, affects all versions: CVE-2018-10564

- XSS in Flexense DiskSavvy, affects all versions: CVE-2018-10565

- XSS in Flexense DupScout, affects all versions: CVE-2018-10566

- XSS in Flexense VX Search, affects all versions: CVE-2018-10567

- XSS in Flexense DiskSorter, affects all versions: CVE-2018-10568