|Requires Admin Access:||Yes|
|Credit:||it.sec GmbH & Co. KG – Hans-Martin Münch & Markus Piéton|
A attacker can use the discovered scripts to obtain a information about the server and it’s configuration. Including the internal IP address, hostname and other dotCMS configuration parameters. This can be leveraged in later attacks to further attack the system.
Use a web application firewall that blocks external access to the unauthenticated scripts. These firewalls also blocks external access to .jsps and other URLs in the system that can be exploited. The firewalls can also attempt to filter any requests attempting to exploit XSS vulnerabilities in a customer’s implementation. We generally recommend using a firewall in this way.