| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 13 Oct 2004 00:02:46 -0400 From: "Matthew Oyer" <root@...ffomatic64.com> To: <bugtraq@...urityfocus.com> Subject: XXS in SCT email client Vendor : SCT URL : http://www.SCT.com/ Version: Campus Pipeline Risk : Cross site scripting Description: Fusetalk SCT Campus Pipeline is the Web platform of choice at over 175 institutions. It improves efficiency, builds community, and provides freedom of choice by integrating disparate systems and applications into a unified whole. SCT Campus Pipeline provides an institution's constituents - students, faculty, administration, and alumni - with centralized Web access to information, services, and communities. Cross site scripting: when passing a url to the script /cp/render.UserLayoutRootNode.uP?uP_tparam=utf&utf=????? You can easily highjack a users session Solution: only allow onsite urls. or make specific exceptions for those that arnt Credits: Credits goto my loving fiance, you push me todo things i never thought possible. Exploit: This is exploited by passing a foreign url to the utf variable in the http://one.drexel.edu/cp/render.UserLayoutRootNode.uP?uP_tparam=utf <http://one.drexel.edu/cp/render.UserLayoutRootNode.uP?uP_tparam=utf&utf > &utf= script. Spiffomatic64 Hacking is an art-form
Powered by blists - more mailing lists