[<prev] [next>] [day] [month] [year] [list]
Message-ID: <a1a95554c13bd838bbbcb0264e4f918d.webmail@localhost>
Date: Sat, 23 Jan 2016 17:56:05 -0000
From: graphx@...aint.org
To: fulldisclosure@...lists.org
Subject: [FD] Eclipse BIRT report viewer <= 4.5.0 Persistent XSS
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
#Title: Eclipse Birt Report Viewer v4.5.0 and below Persistent XSS
#Vendor homepage: http://www.eclipse.org
#Exploit Author: Multiple parties reported to vendor. (first in 2008!)
#Vulnerability: Presistent XSS when viewing report with malicious code
Description:
When previewing a generated report in the document viewer, the report
viewer fails to sanitize the report data pulled from a database and will
execute javascript and other code. the vendor has been notified by
multiple parties, but there has been no activity on the issue.
Based on other similar bug tickets on the issue tracker. Please refer to
the eclipse bug tracker page tickets below for additional information.
this has been an issue since version 2.2.2 at least:
https://bugs.eclipse.org/bugs/show_bug.cgi?id=233219
https://bugs.eclipse.org/bugs/show_bug.cgi?id=484952
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJWo75oAAoJEGoTpzhfiAPx7HwP/1jrw7Pcy//Tj1YwRGhb6SZ4
/JyV4GBsTNzXFRgk3S8uvE8txJ0m/TlK7tnJ5HkXS5yGoEvxFjTwtauwrBF7ZGQN
gZDKW5i55sKRWW3PKuLC3yf9czD/u7fzcEecYFx9XiiMY0lvPFoNMsCT3tu9cKZj
Xt6jx1KBdBYtK7avBU8y/8FUnmwUX0GPOd5xij1uaxw5CWhRQ4hqy38D7VZSv1X5
iJfTzVVoOkEievtejA1sOnjfd9NAKYizjIaOB0utpKexY2X9xDQXPSZUSSiyBKpC
bF7i+5XkzKxxPpI6OpK15Na3lSkslHyzjacaPYabwMB1p8+YMnlC0JBw0lJpaK5Z
yyFbenCg/LSmHl5RYxtyScnQIT8wXNXw1sscIiFtdf2esFZcpAjfxvKOPCDkDuvK
EvNSUyBlYE92gjov9dChN4nIFT1kKczyynH6bFieNJm/VrshMJIElz+uHi+zIVTz
X03qnaEF4zLHGc28iFQ/t2QLtmhSch+UH5Wb5Gy5WrJ0XmvId8E88AdyGuVk2dQI
y6jwQUCnoSf44fYYQpthwDeG8X0byGuxeXQAXiUPMjQ8rC37k00kJArjIrVcYIfg
HC3z+UrxOpna1Ed7/Nq6qzMNPSnDBTn5oODMx64aSBCnC4dSluWRDWmiJ7DHPwPe
Rt3YDLY9syVRED/slOvd
=h200
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists