Eventum Issue Tracking System 2.3.1 stored cross site scripting vulnerability-vulnerability warning-the black bar safety net

ID MYHACK58:62201129244
Type myhack58
Reporter 佚名
Modified 2011-02-20T00:00:00


Eventum Issue Tracking System is a user-friendly interface and flexible bug tracking system, it can help the development team to quickly organize tasks and bugs. Eventum Issue Tracking System 2.3.1 the presence of the stored cross site scripting vulnerability that could cause users to sufferXSSattack.

[+]info: ~~~~~~~~~

Exploit Title: Eventum 2.3.1 stored XSS

Date: 19-2-2011

Author: Saif El-Sherei

Software Link: https://code.launchpad.net/eventum

Version: Eventum 2.3.1

Tested on: FF 3.0.15, IE 8

Vendor notification: vendor notified, awaiting response

[+]poc: ~~~~~~~~~ Details: The "Full-Name" variable is not properly sanitized before displayed in any page. where an authorized user can perform this attack on other users who has access to the system, by changing his own "full-name" in the preferences section.

POC: <script>alert('w00t');</script>

[+]Reference: ~~~~~~~~~ http://www.exploit-db.com/exploits/16196