Is capable of delivering exploits through cross-site scripting?

Written by DP

Tuesday, 8 June 2010

UPDATE: this was fixed on June 9, very fast!
The answer is "YES". A security researcher nicknamed "Hexspirit" has submitted to the archive a cross-site scripting vulnerability on an SSL (and supposedly "secure") support page. Even though the XSS attack vector executes only via a POST request, an attacker could still exploit this security issue to infect innocent users and Cisco IronPort's customers and partners with malware, adware and spyware.

(SSL page) XSS Mirror:
Click here to execute the XSS with WhiteAcid's XSS post forwarder.
Based on your own words, I would say practice what you preach:
"IronPort's web reputation filters are protecting users from known and unknown exploits (including adware, Trojans, system monitors, keyloggers, malicious/tracking cookies, browser hijackers, browser helper objects and phishing attacks) delivered through cross-site scripting (XSS), cross-site request forgery, SQL injections or invisible iFrames."
