Celoxis <= 9.5 - Cross Site Scripting (XSS)
==============================
Information
--------------------
Name: Celoxis <= 9.5 - Cross Site Scripting (XSS)
Affected Software : Celoxis
Affected Versions: <= 9.5
Vendor Homepage : http://www.celoxis.com
Vulnerability Type : Cross Site Scripting
Severity : Low
CVE: n/a
Product
--------------------
Celoxis is a web-based project management software.
Description
--------------------
Exist a vulnerability in the calendar.wm that allow an attacker execute arbitrary javascript in the browser context of a victim. Also, the attacker could steal the cookie because it is not being protected by HTTPOnly flag and is possible avoid the filters with the eval function.
Proof of Concept URL
--------------------
https://celoxisSite/psa/cal.Ca
Advisory Timeline
--------------------
08/10/2015 - Informed Vendor about Issue
08/10/2015 - Vendor responded
12/11/2015 - Reminded Vendor
14/11/2015 - Vendor responded saying 'they changed the framework itself to handle XSS'.
23/11/2015 - Fix released (vendor informed us)
23/11/2015 - Vulnerability published
Credits & Authors
--------------------
Manuel Mancera (@sinkmanu)
www.a2secure.com
Disclaimer
-------------------
All information is provided without warranty. The intent is to provide
information to secure infrastructure and/or systems, not to be able to
attack or damage. Therefore A2Secure shall not be liable for any direct
or indirect damages that might be caused by using this information.
Komentarų nėra:
Rašyti komentarą