| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAGOhvvLbT4+aQXYdSwOZKOiLa3F1WywJUbtf5_zp-a4YPRePvA@mail.gmail.com> Date: Wed, 27 Sep 2017 15:57:52 +0200 From: Marcin Wołoszyn <mw@....pl> To: fulldisclosure@...lists.org Subject: [FD] OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) - Cross-Site Scripting Title: OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) - Cross-Site Scripting Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14755 Affected Software: ================== OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) Exploit was tested on: ====================== v4.5SP1 Patch 13 (older versions might be affected as well) Cross-Site Scripting: ===================== It is possible to inject Javascript into the application which will be reflected to unaware application users. This might allow an attacker to perform actions on behalf of unaware application users. In order to remediate the issue, proper input validation, sanitizing and output encoding should be conducted on server side. No CSRF token is necessary for exploitation. Vector : -------- https://[...]/xAdmin/html/XPressoDoc?categoryId=<script>alert(document.domain)<%2fscript>&_dc=1&start=0&limit=10 Fix: ==== https://knowledge.opentext.com/knowledge/llisapi.dll/Open/68982774 Contact: ======== mw[at]nme[dot]pl _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists