[<prev] [next>] [day] [month] [year] [list]
Message-ID: <f8f86698e81bd695b52cb12ffcd4271c.webmail@localhost>
Date: Sun, 24 Jan 2016 15:34:21 -0000
From: graphx@...aint.org
To: fulldisclosure@...lists.org
Subject: [FD] Eclipse BIRT Viewer <= v4.5.0 Persistent XSS
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
#Title: Eclipse Birt Report Viewer <= v4.5.0 Persistent XSS
#Vendor homepage: http://www.eclipse.org
#Discovered by: Multiple parties reported to vendor. (first in 2008!)
#Vulnerability: Presistent XSS when viewing report containing javascript
Description:
This vulnerability has been present in the Eclipse BIRT Report Viewer for
8 years at least. It has survived at least two full revisions and the bug
tickets notifying the vendor of the issue have not been assigned or moved
out of New status.
When previewing a generated report, the report viewer fails to sanitize
the report data pulled and will execute javascript and other code. This
could allow an attacker with access to the database the ability to add
persistent malicious code to report data.The vendor has been notified by
multiple parties, but there has been no activity on the issue, based on
other similar bug tickets on the issue tracker. Please refer to the
eclipse bug tracker page tickets below for additional information. This
has been an issue since version 2.2.2 at least:
https://bugs.eclipse.org/bugs/show_bug.cgi?id=233219
https://bugs.eclipse.org/bugs/show_bug.cgi?id=484952
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJWpO6MAAoJEGoTpzhfiAPxmicQAIwlWefTw6cQlx6zPRW9ha/9
3lr4/t2KVXYqassi7Xyd272d3Hwfm0NdUALkm+7yvJnvexBDA69iw/3KIPPEzUgq
Z0ykSepgOvTZF/jvvAKvzXuXe266aJuO+hOIrkqMSmWI9C9WVn6vBG8RCcdnBnWl
q0MrKnVjv+gkMckjYFhZX85S5n2aW8yRQw27k3HElcbGdnnaTEM/Cv2hJcgbu4YW
3Q6ggPToiAS+lb7i7iciebErDMEFRSxJDFuPP3DE24SMGRxb5n6/XOI4paCQVCcd
LmiTL/LiE4je6eKt4Iwr+vac5pWMomntnO3zpsyl6PpWhO/j+lQiZ8gbFGlJLtoG
5vr1LN/Pa5+917D/WUCrpABQQPvEd0sJ78SXGdyKRQf43NTaBtpofrNnZpSdv20n
Mkocybru6P+1duqVyHFqr1c92BE/KQpQ0CxwlbVpoxJoCoxj67rt/CqyGrjZleVL
ZvWb3saGyZ/HmuAW4n9QTnHDZLVvRH1LTKB3H7PdMJuq67i+cUgfEerQ6+k8D1lE
Q0giM+4iQvpxLhUgUrdJkUXUKbWx94XIpCd+5mmim8Hsst8fL8CTNKGc1TOMnStj
bn3uzRgL2w3r3e44PZZQS/iL9xMAgx9ZUD3dMYsP47NMldC/48RBBjwSaawYlHs8
qmR+wETxu3ZVv7EdcRnS
=g8e+
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists