Altitude uAgent - Altitude uCI 7.5 XSS

Related Vulnerabilities: CVE-2014-9212  
Publish Date: 03 Dec 2014
Author: Owais Mehtab
                							

Altitude uAgent - Altitude uCI 7.5 Persistent XSS

Details
========================================================================================
Product: Altitude uAgent - Altitude uCI 7.5
Security-Risk: High
Vendor-URL: http://www.altitude.com
CVE-ID: CVE-2014-9212

Credits
========================================================================================
Discovered by: Owais Mehtab


Affected Products:
========================================================================================
Altitude uAgent Web

Description
========================================================================================
" Altitude uAgent - Altitude uCI 7.5 Persistent XSS "

More Details
========================================================================================
I found two persistent cross-site scripting (XSS) vulnerabilities in Altitude uAgent -
Altitude uCI 7.5. The vulnerabilities can be easily exploited and can be used to steal
cookies, perform phishing attacks and other various attacks compromising the security
of a user. These XSS can only be exploited by authenticated users.

Proof of Concept
========================================================================================
1-XSS In Hyperlink
------------------
In the send email option, click on insert hyperlink and insert the vector:

"><img src=x onerror=prompt(document.cookie);>


2-Email XSS
-----------
Another XSS was found in the image attribute section; the vulnerable parameter is (style).

POC attack vector:
x:expression(alert(1))


I have informed the vendor but they don't tend to fix the problem.



-- 
Regards,
Owais Mehtab
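
Added example, not part of the original advisory and not Altitude code: one way a server could handle the two inputs named above (the hyperlink field and the image style attribute) before storing or rendering an email. The function names, the scheme allowlist and the property allowlist are assumptions chosen for illustration.

```javascript
// Hypothetical sanitizers for the two fields in the advisory (not vendor code).
const ESC = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode the characters that let a value break out of an HTML attribute or text node.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ESC[c]);
}

// Assumed allowlist of link schemes for an email composer.
const SAFE_SCHEMES = new Set(['http:', 'https:', 'mailto:']);

// Build the anchor for the "insert hyperlink" feature. Returns null when the
// value is not an absolute URL or uses a scheme outside the allowlist.
function buildHyperlink(href, text) {
  let url;
  try {
    url = new URL(String(href).trim());
  } catch (e) {
    return null; // e.g. the advisory's vector, which is markup and not a URL
  }
  if (!SAFE_SCHEMES.has(url.protocol)) return null;
  return '<a href="' + escapeHtml(url.href) + '" rel="noopener noreferrer">' +
    escapeHtml(text) + '</a>';
}

// Assumed allowlist of layout properties an image in an email may carry.
const SAFE_PROPS = new Set(['width', 'height', 'border', 'margin', 'padding',
  'float', 'vertical-align']);
// Values may not contain parentheses, backslashes, quotes or comment markers,
// which rules out expression(...), url(...) and CSS escape sequences.
const SAFE_VALUE = /^[a-z0-9 .%#-]+$/i;

// Keep only allowlisted "property: value" declarations from a style attribute.
function sanitizeStyle(style) {
  const kept = [];
  for (const decl of String(style).split(';')) {
    const i = decl.indexOf(':');
    if (i < 1) continue; // no property name
    const prop = decl.slice(0, i).trim().toLowerCase();
    const value = decl.slice(i + 1).trim();
    if (SAFE_PROPS.has(prop) && SAFE_VALUE.test(value)) kept.push(prop + ': ' + value);
  }
  return kept.join('; ');
}
```

Both functions reject by default: anything that is not positively recognised is dropped instead of being filtered for known-bad strings.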