12Planet Chat Server one2planet.infolet.InfoServlet XSS

2004-07-05T10:23:53
ID OSVDB:7464
Type osvdb
Reporter Donato Ferrante(fdonato@autistici.org)
Modified 2004-07-05T10:23:53

Description

Vulnerability Description

12Planet Chat Server contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate page variables upon submission to the one2planet.infolet.InfoServlet CGI applet. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

12Planet Chat Server contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate page variables upon submission to the one2planet.infolet.InfoServlet CGI applet. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Manual Testing Notes

http://[victim]:8080/servlet/one2planet.infolet.InfoServlet?page=<script>alert("hy")</script>

References:

Vendor URL: http://www.12planet.com Security Tracker: 1010644 Secunia Advisory ID:12012 Other Advisory URL: http://www.autistici.org/fdonato/advisory/12PlanetChatServer2.9-adv.txt Other Advisory URL: http://www.securiteam.com/windowsntfocus/5TP011FDFM.html Nessus Plugin ID:12299 CVE-2004-0678 Bugtraq ID: 10659