Title: Zoho BugTracker Multiple Stored XSS Vulnerabilities
Advisory ID: ZSL-2012-5096
Type: Local/Remote
Impact: Cross-Site Scripting
Risk: (3/5)
Release Date: 06.08.2012

Summary

Zoho Bug Tracker is an online bug tracking software that combines a clean and an intuitive interface to submit and track bugs with custom workflows, business rules, custom fields and filters for the bugs that software projects are bound to generate and fix all bugs fast.

Description

The Bug Tracking Software suffers from a stored XSS vulnerability when parsing user input to the 'comment' and 'mystatus' parameters via POST method thru 'bugdetails.do' and 'addmystatus.do' scripts. Attackers can exploit these weaknesses to execute arbitrary HTML and script code in a user's browser session.

Vendor

Zoho Corporation Pvt. Ltd - http://www.zoho.com

Affected Version

N/A

Tested On

Microsoft Windows XP Professional SP3 (EN)

Vendor Status

N/A

PoC

zohobugtracker_xss.html

Credits

Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>

References

[1] http://www.exploit-db.com/exploits/20320/
[2] http://packetstormsecurity.org/files/115320
[3] http://cxsecurity.com/issue/WLB-2012080055
[4] http://xforce.iss.net/xforce/xfdb/77481
[5] http://www.securityfocus.com/bid/54848
[6] http://www.osvdb.org/show/osvdb/85132
[7] http://www.osvdb.org/show/osvdb/85133

Changelog

[06.08.2012] - Initial release
[07.08.2012] - Added reference [1], [2] and [3]
[09.08.2012] - Added reference [4] and [5]
[07.09.2012] - Added reference [6] and [7]

Contact

Zero Science Lab

Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk