There’s a remotely exploitable vulnerability in several versions of the Google Search Appliance that could allow an unauthenticated attacker to execute a cross-site scripting attack and run a script in the context of the user’s browser.
The Google Search Appliance is an enterprise product that enables users to search for content from a wide variety of sources, including databases, email, SharePoint portals, the Web and file shares. The appliances are installed in data centers and are designed to speed up search functions and help enterprises access all of the data and content they produce.
The vulnerability in the Google Search Appliance is in several versions, but Google has issued a fix that addresses the bug.
Google Search Appliance versions earlier than 7.2.0.G.114 and 7.0.14.G.218 fail to properly sanitize user input that is reflected directly into a JavaScript <script> block if the dynamic navigation feature is enabled. This allows an attacker to perform a reflected XSS attack,” the CERT/CC advisory on the vulnerability says.
“A remote unauthenticated attacker may be able to execute arbitrary script in the context of the end-user’s browser session.”
Google has fixed the vulnerability in versions 7.2.0.G.114 and 7.0.14.G.218 of the appliance’s software. Users also can employ a workaround that involves disabling the dynamic navigation capability in the appliance.
Image from Flickr photos of Antonio Tajuelo.