##########################################################
# Comodo Group
#
# Vendor : Kayako Infotech Ltd.
# URL : http://www.kayako.com/
# Version : Kayako SupportSuite <= 3.60.04
##########################################################
We've discovered multiple persistent cross site scripting vulnerabilities in the latest version of
Kayako SupportSuite (3.60.04). Because of improper input validation an attacker (authenticated staff
member) can inject javascript code into the body or even subject of a knowledge base article which will
execute in to context of the victim's browser when they view the pages in question. THis makes it
possible to steal cookies, hijack sessions and more. The severity of this is augmented by the fact
that the subjects of newly published articles appear on the home page of the portal making it easy to
compromise a large number of users.
The vendor has been notified, but until they issue a patch administrators can modify the relevant php
themselves to do better input validation.
BKz
LPIC, Sec+, OSCP
http://www.comodo.com/
{"id": "SECURITYVULNS:DOC:23110", "bulletinFamily": "software", "title": "Kayako SupportSuite Multiple Persistent Cross Site Scripting (Current Versions)", "description": "##########################################################\r\n# Comodo Group\r\n#\r\n# Vendor : Kayako Infotech Ltd.\r\n# URL : http://www.kayako.com/\r\n# Version : Kayako SupportSuite <= 3.60.04\r\n##########################################################\r\n\r\nWe've discovered multiple persistent cross site scripting vulnerabilities in the latest version of\r\nKayako SupportSuite (3.60.04). Because of improper input validation an attacker (authenticated staff\r\nmember) can inject javascript code into the body or even subject of a knowledge base article which will\r\nexecute in to context of the victim's browser when they view the pages in question. THis makes it\r\npossible to steal cookies, hijack sessions and more. The severity of this is augmented by the fact\r\nthat the subjects of newly published articles appear on the home page of the portal making it easy to\r\ncompromise a large number of users.\r\n\r\nThe vendor has been notified, but until they issue a patch administrators can modify the relevant php\r\nthemselves to do better input validation.\r\n\r\nBKz\r\nLPIC, Sec+, OSCP\r\nhttp://www.comodo.com/", "published": "2010-01-23T00:00:00", "modified": "2010-01-23T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:23110", "reporter": "Securityvulns", "references": [], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:10:33", "edition": 1, "viewCount": 37, "enchantments": {"score": {"value": -0.1, "vector": "NONE"}, "dependencies": {"references": [{"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:10549"]}], "rev": 4}, "backreferences": {}, "exploitation": null, "vulnersScore": -0.1}, "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645507525, "score": 1659803227}, "_internal": {"score_hash": "4885c08deb21f4bf8ccb737c26ccc778"}}