lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <f8f86698e81bd695b52cb12ffcd4271c.webmail@localhost>
Date: Sun, 24 Jan 2016 15:34:21 -0000
From: graphx@...aint.org
To: fulldisclosure@...lists.org
Subject: [FD] Eclipse BIRT Viewer <= v4.5.0 Persistent XSS

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

#Title: Eclipse Birt Report Viewer <= v4.5.0 Persistent XSS
#Vendor homepage: http://www.eclipse.org
#Discovered by: Multiple parties reported to vendor. (first in 2008!)
#Vulnerability: Presistent XSS when viewing report containing javascript


Description:
This vulnerability has been present in the Eclipse BIRT Report Viewer for
8 years at least.  It has survived at least two full revisions and the bug
tickets notifying the vendor of the issue have not been assigned or moved
out of New status.

When previewing a generated report, the report viewer fails to sanitize
the report data pulled and will execute javascript and other code. This
could allow an attacker with access to the database the ability to add
persistent malicious code to report data.The vendor has been notified by
multiple parties, but there has been no activity on the issue, based on
other similar bug tickets on the issue tracker. Please refer to the
eclipse bug tracker page tickets below for additional information. This
has been an issue since version 2.2.2 at least:
https://bugs.eclipse.org/bugs/show_bug.cgi?id=233219
https://bugs.eclipse.org/bugs/show_bug.cgi?id=484952
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJWpO6MAAoJEGoTpzhfiAPxmicQAIwlWefTw6cQlx6zPRW9ha/9
3lr4/t2KVXYqassi7Xyd272d3Hwfm0NdUALkm+7yvJnvexBDA69iw/3KIPPEzUgq
Z0ykSepgOvTZF/jvvAKvzXuXe266aJuO+hOIrkqMSmWI9C9WVn6vBG8RCcdnBnWl
q0MrKnVjv+gkMckjYFhZX85S5n2aW8yRQw27k3HElcbGdnnaTEM/Cv2hJcgbu4YW
3Q6ggPToiAS+lb7i7iciebErDMEFRSxJDFuPP3DE24SMGRxb5n6/XOI4paCQVCcd
LmiTL/LiE4je6eKt4Iwr+vac5pWMomntnO3zpsyl6PpWhO/j+lQiZ8gbFGlJLtoG
5vr1LN/Pa5+917D/WUCrpABQQPvEd0sJ78SXGdyKRQf43NTaBtpofrNnZpSdv20n
Mkocybru6P+1duqVyHFqr1c92BE/KQpQ0CxwlbVpoxJoCoxj67rt/CqyGrjZleVL
ZvWb3saGyZ/HmuAW4n9QTnHDZLVvRH1LTKB3H7PdMJuq67i+cUgfEerQ6+k8D1lE
Q0giM+4iQvpxLhUgUrdJkUXUKbWx94XIpCd+5mmim8Hsst8fL8CTNKGc1TOMnStj
bn3uzRgL2w3r3e44PZZQS/iL9xMAgx9ZUD3dMYsP47NMldC/48RBBjwSaawYlHs8
qmR+wETxu3ZVv7EdcRnS
=g8e+
-----END PGP SIGNATURE-----



_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ