IBM.com – DevelopersForum.nsf – Cross-site Scripting/Remote Execution Code

Author(s): Ivan Sanchez & Hernan Hegykozi
Contact Us: security@evilcode.com.ar
Versions:www.ibm.com
Date: 26/08/2011
Product:www.ibm.com/lotus/symphony/developersForum.nsf

We have discovered that the product “IBM Corporation” presents a big hole regarding a Cross-site Scripting/Remote Execution Code attacks.

Google Dork:
inurl: ibm.com

Sites compromised:

http://www-03.ibm.com/software/lotus/developersForum.nsf

Function vulnerable:
/symphony/developersForum.nsf/../Q=<EvilCode>


Attack Description:

One of the most common forms of Web application vulnerability is Cross-site Scripting. This security vulnerability allows attackers to implant malicious scripts into websites. The scripts will execute in the browsers of visitors to the site, within the hosting website security zone. This provides the script with the correct privilege level to access and modify secure data.

Cross-site Scripting is among the most widespread attack methods used by hackers. It is also referred to by the names XSS and CSS. Note that in this case, CSS is not the same as Cascading Style Sheets, which is the name of a style sheet language for Web pages.

Possible consequences of Cross-site Scripting include having a user account hijacked (also called cookie theft), the redirection of users to a fraudulent website, or the display of false information on the hosting website. In addition to the threat of secure data being compromised, the trust level of users can be seriously damaged by Cross-site Scripting.

Open the Application, Website affected, and exploit the code, this code.


This post is password protected content. To view it please enter your password below:

Leave a Reply