Cerberus FTP Server (http://www.cerberusftp.com/) is a secure and reliable FTP server with many features and available functionality.
It was discovered that the Web Administration interface has multiple persistent Cross Site Scripting (XSS) vulnerabilities. In the log viewer there is a XSS vulnerability which may be used by an unauthenticated user against an authenticated user. In the server manager a trivial XSS vulnerability exists which may be used by the authenticated user.
To start, the vulnerabilities in the on the "/servermanger" page is trivial to exploit by escaping the "<textarea>" tags for each available server message.
I believe an administrative user would have to be logged in at the time of the attack and actively viewing the "/log" page to achieve successful exploitation. Due to these limitations I believe this to have a significant effect on the impact and reliability on any possible exploit code.
For more discussion on these bugs I've created a brief write-up at: http://sadgeeksinsnow.blogspot.com/2012/12/persistence-is-key-another-bug-hunt.html
12/05/2012 - Discovered multiple bugs in product vendor's application 12/06/2012 - Disclosure of details to product vendor 12/07/2012 - Vendor created fixes for reported bugs 12/13/2012 - CVE Assignment 12/19/2012 - Public disclosure to Bugtraq
CVE-2012-6339: Multiple XSS vulnerabilities in Cerberus FTP Web Administration interface. Affected pages are "/log" and "/servermanager".
Update to the latest version of Cerberus FTP Server.
Special Thanks to Grant @ Cerberus for his incredible response time and dedication to secure coding principles.
For more information concerning myself or my research: sadgeeksinsnow.blogspot.com