lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <w-LJWkE4Vk7MpflB90UAxKWktKQDhujbsa8tsT5viB2PKScN7cIXFpb4BBYZS4TlUl2TU6hFgZE8KU0ccLkKDb-5EDXzgNQqVlJ-3dUQoFw=@protonmail.com> Date: Thu, 26 Mar 2020 11:13:57 +0000 From: Georg Ph E Heise via Fulldisclosure <fulldisclosure@...lists.org> To: "fulldisclosure@...lists.org" <fulldisclosure@...lists.org> Subject: [FD] CVE-2019-19912 codeBeamer – Stored Cross-Site Scripting =============================================================================== Identifiers ------------------------------------------------- * CVE-2019-19912 CVSSv3 score ------------------------------------------------- 6.4 (AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:H) Vendor ------------------------------------------------- Intland – Codebeamer (https://codebeamer.com) Product ------------------------------------------------- codeBeamer ALM is a holistically integrated, collaborative Application Lifecycle Management platform with capabilities that cover your entire product development lifecycle. Affected versions ------------------------------------------------- - codebeamer 9.5 and below Credit ------------------------------------------------- Georg Ph E Heise (@gpheheise) / Lufthansa Industry Solutions (@LHIND_DLH) Vulnerability summary ------------------------------------------------- Intland Software has a stored XSS vulnerability in file attachment section. Technical details ------------------------------------------------ The upload section is vulnerable to accept malicious crafted SWF file. . Proof of concept ------------------------------------------------- To exploit this vulnerability standard male formatted SWF file like the ones available on github · https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/XSS%20Injection` Solution ------------------------------------------------- Contact vendor for a solution Timeline ------------------------------------------------- Date | Status ------------|----------------------------- 20-DEZ-2019 | Reported to vendor 03-JAN-2020 | Acknowledged by vendor 09-MAR-2020 | Patch available 26-MAR-2020 | Public disclosure _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists