Kayako Fusion Help Desk Cross Site Scripting

# Exploit Title:  Kayako Fusion Cross Site Scripting
# Date: 17.03.2012
# Author: Sony
# Software Link: http://www.kayako.com/
# Version: all version
# Google Dorks: inurl:Base/UserRegistration/ or intitle:Powered by Kayako
Fusion Help Desk Software
# Web Browser : Mozilla Firefox
# Site : http://insecurity.ro
# PoC:
http://st2tea.blogspot.com/2012/03/kayako-fusion-cross-site-scripting.html
..................................................................

Well, we have a cross site scripting in Kayako Fusion.

Our xss in /Tickets/Submit.

Put our code in the all fields and press button Submit.

Click on View Tickets and open our ticket. We can see a Persistent XSS.

http://1.bp.blogspot.com/-XIol_NGfkY4/T2QwnI6O1yI/AAAAAAAAAv8/VocNLueIcSI/s1600/yeah.JPG

http://1.bp.blogspot.com/-hSBqYUG9mVk/T2QwrC7SfeI/AAAAAAAAAwI/t3VfDrmnsUc/s1600/yeah2.JPG

A lot of web sites use Kayako Fusion.

We can see Comodo

http://4.bp.blogspot.com/-NuPPTVnYUKA/T2Qw2JbVMQI/AAAAAAAAAwU/ilLYojJ_gus/s1600/comodo.JPG

Avg

http://4.bp.blogspot.com/-e3EFHjpd_f0/T2Qw7WMsNYI/AAAAAAAAAwg/MvkVl_n8fhQ/s1600/avg.JPG

etc..