Sun java System Messenger Express XSS

2006.11.06

Credit: Handrix

Risk: Low

Local: No

Remote: Yes

CVE: CVE-2006-5653

CWE: CWE-79

CVSS Base Score: 4.3/10

Impact Subscore: 2.9/10

Exploitability Subscore: 8.6/10

Exploit range: Remote

Attack complexity: Medium

Authentication: No required

Confidentiality impact: None

Integrity impact: Partial

Availability impact: None

Sun java System Messenger Express 
remote XSS vulnerabilities
By: Handrix <handrix_at_morx_org>
29 November 2005
MorX security research team
www.morx.org
Description:
Sun java System Messenger Express XSS

The index script  is vulnerable to XSS attacks, in function errorHTML .

function errorHTML() {
 var s=''; 
 .
 .
 .
 document.write(s) ---> Need more case filetring the 's' var
                 }

So, this issue can allow an attacker to bypass content filters and potentially carry out cross-site scripting, HTML injection and other attacks.
Exploit:
https://mail.victime.edu/?user=&error=%3Cscript%3Ealert('hakin9');%3
C/script%3E</a>

Googledork :
intitle: "Sun Java(tm) System Messenger Express"

Vulnerable versions :
Sun java System Messenger Express
Sun java System Messenger Express6

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

Sun java System Messenger Express XSS

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Sun java System Messenger Express XSS

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.