source: https://www.securityfocus.com/bid/55740/info

IBM Lotus Notes Traveler is prone to a URI-redirection vulnerability, multiple HTML-injection vulnerabilities and cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content.

Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials, to control how the site is rendered to the user and conduct phishing attacks. Other attacks are also possible.

IBM Lotus Notes Traveler 8.5.3 and prior are vulnerable; other versions may also be affected.

http://www.example.com/servlet/traveler?deviceType=700&redirectURL=javascript:alert(document.cookie)

http://www.example.com/servlet/traveler?deviceType=700&redirectURL=data:text/html;base64,PHNjcmlwdD5hbGVydChkb2N1bWVudC5jb29raWUpPC9zY3JpcHQ%2B

http://www.example.com/servlet/traveler?deviceType=700&redirectURL=http://websecurity.com.ua
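
Server-side validation that refuses all three redirectURL values shown above, as an added example (not IBM's fix and not part of the original advisory). ALLOWED_HOSTS, DEFAULT_TARGET and the function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Assumption: the only host this deployment may redirect to (the placeholder
# host used in the advisory's URLs).
ALLOWED_HOSTS = {"www.example.com"}
DEFAULT_TARGET = "/servlet/traveler"  # assumption: safe fallback landing page


def safe_redirect_target(value):
    """Return value if it is a same-site rooted path or an http(s) URL on an
    allow-listed host; otherwise return DEFAULT_TARGET."""
    if not value or "\\" in value:
        # Browsers treat a backslash like a slash, so "/\host" leaves the site.
        return DEFAULT_TARGET
    # Browsers drop tabs and newlines inside URLs, which can hide a scheme from
    # a naive check, so refuse whitespace and control characters outright.
    if any(ord(c) <= 0x20 or ord(c) == 0x7F for c in value):
        return DEFAULT_TARGET
    try:
        parts = urlsplit(value)
        host = parts.hostname
    except ValueError:
        return DEFAULT_TARGET
    if not parts.scheme and not parts.netloc:
        # Relative reference: accept a rooted path, but not "//host" forms.
        if value.startswith("/") and not value.startswith("//"):
            return value
        return DEFAULT_TARGET
    # Absolute URL: allow-list the scheme (rejects javascript: and data:)
    # and the host (rejects off-site redirects).
    if parts.scheme in ("http", "https") and host in ALLOWED_HOSTS:
        return value
    return DEFAULT_TARGET


def redirect_for_request(url):
    """Extract redirectURL from a request URL and return the vetted target."""
    values = parse_qs(urlsplit(url).query).get("redirectURL", [])
    if len(values) != 1:  # missing or repeated parameter: do not guess
        return DEFAULT_TARGET
    return safe_redirect_target(values[0])
```

This covers only the redirectURL parameter; the HTML-injection issues named in the advisory additionally require context-appropriate output encoding wherever request data is written into a page.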