| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 9 Apr 2008 08:06:56 -0000 From: jaime.blasco@...sec.com To: bugtraq@...urityfocus.com Subject: SAP Netweaver 6.40-7.0 Cross-Site-Scripting Title: SAP Netweaver 6.40-7.0 Persistent Cross-Site-Scripting Author: Jaime Blasco (at) aitsec.com http://www.aitsec.com Description: SAP Netweaver have a web interface for accesing filesystem of the portal, users can make "feedbacks" of files, input passed to the content of these feedbacks is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site Solution: This issue can be solved activating "Secure Editing" in Portal (System Configuration -> System Configuration -> Knowledge management (in detailed Navigation) -> Utilities -> Editing -> HTML Editing) Hence this issue can be solved via configuration - for more details see http://help.sap.com/saphelp_nw70/helpdata/EN/44/4cd511c6233f8ee10000000a1553f7/frameset.htm NetWeaver 04 (6.40) SP17: http://help.sap.com/saphelp_nw04/helpdata/en/44/4d3ef6b5ac2152e10000000a114a6b/frameset.htm NetWeaver 7.0 SP8: http://help.sap.com/saphelp_nw70/helpdata/EN/44/4cd511c6233f8ee10000000a1553f7/frameset.htm As of NetWeaver 7.0 SP15 the secure editor is on by default (SAP note 1110597: https://service.sap.com/sap/support/notes/1110597) Timeline: * March 11: Initial contact. * March 12: Confirmed * April 5: Vendor response Original Advisory: http://www.aitsec.com/vulnerability-SAP-Netweaver-6.40-7.0-Cross-Site-Scripting.php
Powered by blists - more mailing lists