usd250 helpdesk XSS vulnerabily.

2007-10-30 / 2007-10-31

Credit: Joseph

Risk: Low

Local: No

Remote: Yes

CVE: CVE-2007-5727

CWE: CWE-79

CVSS Base Score: 4.3/10

Impact Subscore: 2.9/10

Exploitability Subscore: 8.6/10

Exploit range: Remote

Attack complexity: Medium

Authentication: No required

Confidentiality impact: None

Integrity impact: Partial

Availability impact: None

http://www.oneorzero.com/

Within the helpdesk utility usd250, an XSS in the comments field is possible.

The comments strip script tags and replace them with (not allowed), but

script tags dont need to be in place for XSS. Something along the lines of...

<b onmouseover="window.alert('omghax')">some text</b> Suffices.

The fix is to use htmlentities() or htmlspecialchars() to filter ALL html

from user input.

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

usd250 helpdesk XSS vulnerabily.

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

usd250 helpdesk XSS vulnerabily.

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.