The security advisories of the ESUP-Portail consortium concern software distributed by the consortium. It is the responsibility of each recipient of this document not to distribute it to other people, for obvious security reasons.
Object | esup-helpdesk vulnerability
Reference | ESUP-2009-AVI-001
First version | 2009 January 12th
Latest version | 2009 January 14th
Source | University of Rennes 1
Diffusion | Public
History |
Attached files | none.
Identity theft by stealing session identifiers through XSS attacks.
esup-helpdesk uses FCK Editor to enter ticket actions and edit FAQs. The HTML code entered this way is shown to the user as-is in the history of tickets and FAQs.
JavaScript attacks include the theft of session identifiers, which allows identity theft.
Release 3.16.0:
Even if it is possible to trace the attacks (all actions are traced in the application), it is strongly recommended to upgrade to release 3.16.0 or later as soon as possible.