ColdFusion MX Cross Site Scripting vulnerabilityFrom: Ory Segal (ORY.SEGAL@SANCTUMINC.COM)
- Previous message: Spot: "Mandrake 8.2 msec security issue"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Ory Segal <ORY.SEGAL@SANCTUMINC.COM> To: "'WebAppSec (E-mail)'" <email@example.com>, "'BugTraq (E-mail)'" <BUGTRAQ@SECURITYFOCUS.COM>, "'Penetration Testing (E-mail)'" <PEN-TEST@SECURITYFOCUS.COM> Date: Tue, 18 Jun 2002 10:15:39 -0700
==> Macromedia ColdFusion MX Cross site scripting vulnerability <==
=> Author: Ory Segal, Sanctum Inc.
=> Release date: 18/06/2002 (vendor was notified at: 03/06/2002)
=> Vendor: Macromedia ( http://www.macromedia.com )
- Macromedia ColdFusion MX (ColdFusion Server version: 188.8.131.52617)
 The vulnerabilities were tested on the evaluation
 The ColdFusion server was tested on Win2K (SP2) +
=> Severity: High
=> CVE candidate: Not assigned
A "Cross Site Scripting" vulnerability exists when requesting a
Macromedia's ColdFusion MX comes with a default 404 error page.
This 404 error page presents the path of the file requested, and
does not filter it
for hazardous characters, which might be used for a cross site
For example, the following request will pop-up a message containing
the current session