[<prev] [next>] [day] [month] [year] [list]
Message-ID: <1111494521_9827@S1.cableone.net>
Date: Tue, 22 Mar 2005 06:28:13 -0600
From: "GulfTech Security Research" <security@...ftech.org>
To: <bugtraq@...urityfocus.com>, "OSVDB" <moderators@...db.org>
Subject: Kayako eSupport Cross Site Scripting
##########################################################
# GulfTech Security Research March 22, 2005
##########################################################
# Vendor : Kayako Web Solutions
# URL : http://www.kayako.com/
# Version : Kayako eSupport v2.3
# Risk : Cross Site Scripting
##########################################################
Description:
Kayako eSupport is a popular helpdesk, and support software. It
is used by many businesses for customer support purposes. Kayako
eSupport is prone to cross site scripting attacks that may allow
the application to be used as an attack vector, or an attacker
to access sensitive user data .
Cross Site Scripting:
Cross site scripting exists in Kayako eSupport. This vulnerability
exists due to user supplied input not being checked properly. Below
are a few benign examples of the previously mentioned issues.
http://path/index.php?_a=knowledgebase&_j=questiondetails&_i=[INT][XSS]
http://path/index.php?_a=knowledgebase&_j=questionprint&_i=[INT][XSS]
http://path/index.php?_a=troubleshooter&_c=[INT][XSS]
http://path/index.php?_a=knowledgebase&_j=subcat&_i=[INT][XSS]
This vulnerability could be used to steal cookie based authentication
credentials within the scope of the current domain, or render
hostile code in a victim's browser. Where [INT] and [XSS] should be a
valid integer and your choice of code, for example
"><h1>Cross Site Scripting</h1>
Solution:
The Kayako support team was informed of these vulnerabilities and
they informed me that a fix will be released soon.
Credits:
James Bercegay of the GulfTech Security Research Team
--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.7.4 - Release Date: 3/18/2005
Powered by blists - more mailing lists