[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    [FD]  Visual Paradigm Server v10.0 - Cross Site Scripting (XSS)
From:       Manuel Mancera <mmancera () a2secure ! com>
Date:       2015-11-27 11:50:36
Message-ID: 5658438C.7090501 () a2secure ! com
[Download RAW message or body]

================================================================
Visual Paradigm Server v10.0 - Cross Site Scripting (XSS)
================================================================

Information
--------------------
Name: Visual Paradigm Server v10.0 - Cross Site Scripting (XSS)
Affected Software : Visual Paradigm Server
Affected Versions: 10.0
Vendor Homepage : http://www.visual-paradigm.com
Vulnerability Type : Cross Site Scripting
Severity : Low
CVE: n/a


Product
--------------------
Visual Paradigm Server is a service that is installed with Visual 
Paradigm Teamwork Server. It is used to manage the license server accounts.


Description
--------------------
A vulnerability has been detected in login.jsp  that allow an attacker 
execute arbitrary javascript in the browser context of a victim and 
could steal the cookie of a user and hijack his session.


Proof of Concept URL
--------------------
http://site:1999/login.jsp?error=Invalid 
login&user="/><script>alert("XSS");</script>


Solution
--------------------
Install a higher version, the last version is 12.2


Advisory Timeline
--------------------

26/11/2015 - Informed vendor about the issue
26/11/2015 - Vendor responded
27/11/2015 - Vendor say that just this version (10.0) is affected by 
this vulnerability, and this version is deprecated. (Also I reported 
other XSS in his website and they fixed)
27/11/2015 - Vulnerability published


Credits & Authors
--------------------
Manuel Mancera (@sinkmanu)

www.a2secure.com


Disclaimer
-------------------
All information is provided without warranty. The intent is to provide
information to secure infrastructure and/or systems, not to be able to
attack or damage. Therefore A2Secure shall not be liable for any direct
or indirect damages that might be caused by using this information.

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic