Re: Cross-Site Scripting in PlumTree?

[Marshal <marshal () marshal-soft com>]

at your local vendor...securityfocus :-)
http://www.securityfocus.com/archive/1/138297

a nice url with some links to more information.

grt marshal


Oliver, Todd wrote:

> Where could I obtain solid documentation on Cross-Site Scripting
> vulnerabilities and how they work and what kind of exposures they
> create?
>
> Thanks
>
>
> Todd
>
> -----Original Message-----
> From: Ed Moyle [mailto:emoyle () scsnet csc com] 
> Sent: Friday, January 04, 2002 2:33 PM
> To: vuln-dev () securityfocus com
> Subject: Cross-Site Scripting in PlumTree?
>
>
> Hi.
>
> Anybody know about cross-scripting in PlumTree?  I happened to notice
> this while I was at the plumtree-hosted demonstration site
> (portal.plumtree.com.)  It appears as if plumtree portal ships by
> default some error page (error.asp) that parrots back the message that
> appears as part of the request URI.  This error page seems to recieve an
> argument that is a textual description of the error that is shown to the
> user on the resulting page...
>
> In the below example, <plumtreeserver> should point to the plumtree
> server (obviously), and <portalname> should be the directory for the
> portal.  For example, you might have a plumtree server called
> "portal.domain.dom" and the first directory was called "portal"...  
>
> http://<plumtreeserver>/<portalname>/common/error.asp?UserID=2&Descripti
> on=%3CSCRIPT%20LANGUAGE%3DJAVASCRIPT%3Ealert%28%22Cross-Script%22%29%3B%
> 3C/script%3e   
>
> (seems to work w/ IE, but is not tested on Netscape.)
>
> Does anybody know if PlumTree has a procedure to fix this posted
> somewhere? -E