| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 23 Jul 2009 18:09:09 +0200 From: Andrea Purificato - bunker <andrea.purificato@...il.com> To: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk Subject: Stored XSS on Communigate Pro 5.2.14 and prior versions - Description The Communigate Pro webmail framework is prone to a stored Cross Site Scripting vulnerability through crafted plain text email messages. - Affected version: 5.2.14 and prior as reported from Communigate: http://www.communigate.com/cgatepro/History52.html - Details This vulnerability can be exploited if an attacker sends a plain text message to the victim address containing a malicious crafted URL; the internal parser fails to parse the malicious URL and executes Javascript code every time user reads the message. An attacker may be able to use this vulnerability to steal sensitive information from a user's computer (e.g. current SessionID) or force the user's computer to execute stealed operations. - Example of crafted URL http://www.example.com/&z="><script>alert(document.cookie)</script>&f= - Patch Install Communigate Pro 5.2.13 5.2.15 15-Jul-2009: * Bug Fix: WebUser: 5.1.2: links in plain text messages could be processed incorrectly. - Communigate http://www.communigate.com/cgatepro/ -- Andrea Purificato http://rawlab.mindcreations.com
Powered by blists - more mailing lists