| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue Mar 29 19:01:12 2005
From: se_cur_ity at hotmail.com (Morning Wood)
Subject: Adventia Chat
------------------------------------------------------------
- EXPL-A-2005-003 exploitlabs.com Advisory 032 -
------------------------------------------------------------
- Adventia Chat -
OVERVIEW
========
Adventia Chat Server Pro 3.0 is an ASP program that allows
you to easily add multiple HTML-only chat rooms to your site,
transforming your web site or intranet into a dynamic and
successful online community comprised of customers, users,
suppliers or employees.
AFFECTED PRODUCTS
=================
Adventia Chat 3.1
Chat Server Pro 3.0
http://www.adventia.com/
DETAILS
=======
Adventia Chat has HTML code enabled by default, allowing all static
and remote XSS to be inserted in the chat space. This causes XSS in all
chat users browsers. ( including cookie theft and session spooofing )
As well, the entered text is of a persistant nature, allowing for
exploitation after the attacker has left the chat application.
This could also be used as an attack vector for "pushing" code
to exploit users using the latest browser exploits.
SOLUTION
========
none
1st contact: March 16, 2005 ( no reply )
PROOF OF CONCEPT
================
none ( just enter any xss style text )
demo url: http://www.adventia.com/cgi-bin/chatpro/login.asp
CREDITS
=======
This vulnerability was discovered and researched by
Donnie Werner of exploitlabs
web: http://exploitlabs.com
Powered by blists - more mailing lists