[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Cisco Unified MeetingPlace Web Conferencing Stored Cross Site Scripting Vulnerability
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Cisco Unified MeetingPlace Web Conferencing Stored Cross Site Scripting Vulnerability
- From: security.assurance@xxxxxxxxxx
- Date: 25 Feb 2009 23:33:48 -0000
Title: Cisco Unified MeetingPlace Web Conferencing Stored Cross Site Scripting
Vulnerability
CVE Identifier: N/A
____________
Credit:
Security Assurance Team of the National Australia Bank.
The vendor was advised of this vulnerability prior to its public release.
National Australia Bank adheres to the ?Guidelines for Security Vulnerability
Reporting and Response V2.0? document when issuing Security Advisories.
Class: Stored Cross Site Scripting
____________
Remote: Yes
____________
Local: No
____________
Vulnerable:
Cisco Unified Meeting Place 6.0 and possibly 7.0 ? other versions may also be
vulnerable.
____________
Not Vulnerable:
____________
Vendor: Cisco
____________
Discussion:
Cisco Unified Meeting Place is a suite of products used for remote voice, video
and web conferencing. The Cisco Unified Meeting Place web interface allows
users to schedule and attend conferences.
Each user has the ability to modify their own account settings such as their
name, telephone extension, email address etc. National Australia Bank?s
Security Assurance Team have identified a stored cross site scripting
vulnerability that could be exploited by a malicious user to execute code
within another user's browser when they view a meeting created by the malicious
user.
____________
Exploit:
The ?E-mail Address? field of this profile page is vulnerable to stored cross
site scripting attacks.
If a user enters the following in the email field, the code within the script
tags will be executed whenever that user?s profile data is viewed by other
users, including when viewing the details of a meeting created by this user:
"><script>INSERT JAVASCRIPT HERE</script>
Solution:
No workaround available.
This vulnerability is fixed in Cisco Unified MeetingPlace Web Conferencing
software version 6.0(517.0) also known as Maintenance Release 4 (MR4) for the
6.0 release, and version 7.0(2) also known as Maintenance Release 1 (MR1) for
the 7.0 release.
____________
References:
Vendor Homepage:
http://www.cisco.com