by r0t,der4444,cembo,VietMafia

Friday, December 23, 2005

Communiqué 4 XSS vuln.

Communiqué 4 XSS vuln.

Vuln. discovered by : r0t
Date: 23 dec. 2005
affected version: 4 and prior

Product Description:

Communiqué 4 is the first native JCR (JSR 170) standard compliant enterprise content management solution available on the market today. Communiqué 4 revolutionizes content management by decoupling the content management application from the underlying repository.
Communiqué 4 offers a comprehensive range of fully integrated content solutions that enables leading companies to address all of their global content challenges with one highly scalable, reliable platform.

Vuln. Description:

Input passed to the "query" parameter when performing a search isn't properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

Edit the source code to ensure that input is properly sanitised.


Anonymous Anasazi666 told...

Has Day software proposed a fix as yet?

7:25 PM

Anonymous David Nuescheler told...

This is by no means a product issue since the executed jsp-template needs to sanitize the input.

A single line of code escaping tags should do the trick.


7:24 AM


Post a Comment

<< Home

Copyright (c) 2006 Pridels Sec Crew