lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <13789.10.1.0.253.1213707196.squirrel@mail.s21sec.com> Date: Tue, 17 Jun 2008 14:53:16 +0200 (CEST) From: "S21sec labs" <s21seclabs@...sec.com> To: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com Subject: S21SEC-044-en:OpenDocMan Cross Site Scripting (XSS) ############################################################## - S21Sec Advisory - ############################################################## Title: OpenDocMan Cross Site Scripting (XSS) ID: S21sec-044-en Severity: Low History: 15.Apr.2008 Vulnerability discovered 16.Apr.2008 Vendor contacted 27.May.2008 Patch available Scope: Cross Site Scripting XSS Platforms: Any Author: Sergi Roselló (srosello@...sec.com) URL: http://www.s21sec.com/avisos/s21sec-044-en.txt Release: Public [ SUMMARY ] OpenDocMan is a free document management system (DMS) designed to comply with ISO 17025 and OIE standard for document management. It features web based access, fine grained control of access to files, and automated install and upgrades. [ AFFECTED VERSIONS ] This vulnerability has been tested in version v1.2.5 (March, 2nd 2007). [ DESCRIPTION ] An insufficient input validation allows code injection in the parameter 'last_message'. Example: http://server/opendocman-1.2.5/out.php?last_message=%3Cscript%3Ealert(document.cookie)%3C/script%3E [ WORKAROUND ] There is patch available in the following url: https://sourceforge.net/tracker/index.php?func=detail&aid=1975163&group_id=69505&atid=524753 [ ACKNOWLEDGMENTS ] This vulnerability has been found and researched by: - Sergi Roselló <srosello@...sec.com> S21sec [ REFERENCES ] * OpenDocman http://opendocman.com/ * S21sec http://www.s21sec.com * S21sec Blog http://blog.s21sec.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists