——-Summary——
Software: SupportSuite
Sowtware's Web Site: http://www.kayako.com
Versions: 3.00.32
Class: Remote
Status: Unpatched
Exploit: Available
Solution: Not Available
Discovered by: imei Addmimistrator
Risk Level: Medium
——Description—–
Supportsuite , a great product of kayako, Ideal for providing ticket
based support, is prone to XSS attack in multiple internal files.{more
than 300 files}
Use of unsafe variable PHP_SELF in so many files of supprtsuite, makes
this program vulnerable against XSS attacks. The bug is in result of
using PHP_SELF variable that is unsafe in many version of PHP inside
of parameter used in function trigger_error().
Product has an "Anti Full path disclosure" approach come here:
if (!defined("INSWIFT")) {
trigger_error("Unable to process $PHP_SELF", E_USER_ERROR);
}
As it's obvious, It has a weakness against XSS.
VISITE ORIGINAL ADVISORY FOR MORE DETAILS
> http://myimei.com/security/2007-12-06/supportsuite-31101-multiple-file-php-self-xss.html
imei Addmimistrator
Visit my SeQrity Homepage at:
http://myimei.com/security