usd250 helpdesk XSS vulnerabily.

2007-10-30 / 2007-10-31
Credit: Joseph
Risk: Low
Local: No
Remote: Yes
CVE: CVE-2007-5727
CWE: CWE-79


CVSS Base Score: 4.3/10
Impact Subscore: 2.9/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: None
Integrity impact: Partial
Availability impact: None

http://www.oneorzero.com/ Within the helpdesk utility usd250, an XSS in the comments field is possible. The comments strip script tags and replace them with (not allowed), but script tags dont need to be in place for XSS. Something along the lines of... <b onmouseover="window.alert('omghax')">some text</b> Suffices. The fix is to use htmlentities() or htmlspecialchars() to filter ALL html from user input.


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top