Lucene search
Mario1337DAY-ID-21279HistorySep 25, 2013 - 12:00 a.m.
Good for Enterprise 2.2.2.1611 - XSS Vulnerability
2013-09-2500:00:00
Mario
0day.today
17
0.002 Low
EPSS
Percentile
55.1%
Exploit for hardware platform in category web applications
The vulnerable versions are v2.2.2.1611 and earlier
Proof of Concept:
HTML Email including the following payload will execute Javascript statements when the victim open the email using the vulnerable version.
Payload:
<body>
<div>
<script>alert('XSS Here')</script>
</div>
</body>
Remediation:
I worked with the Good people to close the issue, I provided some guidance and feedback and agreed with them to not disclose it until they fix it.
The new release is now available:
Update the "Good for Enterprise" iOS application to 2.2.4.1659 or newer
References:
https://www.roblest.com/#research:CVE-2013-5118
Can the comunity please provide feedback and comments in order to ensure the fix is working well
Many thanks
Mario
# 0day.today [2018-04-08] #Related
seebug
seebug
Good for Enterprise 2.2.2.1611 - XSS Vulnerability
2014-07-01 00:00:00
cve
cve
CVE-2013-5118
2013-09-25 10:31:00
prion
prion
Cross site scripting
2013-09-25 10:31:00
packetstorm
packetstorm
Good For Enterprise 2.2.2.1611 Cross Site Scripting
2013-09-24 00:00:00
exploitpack
exploitpack
Good for Enterprise 2.2.2.1611 - Cross-Site Scripting
2013-09-25 00:00:00
securityvulns
securityvulns
CVE-2013-5118 - XSS Good for Enterprise iOS
2013-10-01 00:00:00
cvelist
cvelist
CVE-2013-5118
2022-10-03 16:14:55
exploitdb
exploitdb
Good for Enterprise 2.2.2.1611 - Cross-Site Scripting
2013-09-25 00:00:00