Angel Learning Management 7.3: Cross Site Scripting Vulnerability

Users of Angel Learning Management 7.3 please be advised of a Cross Site Scripting vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

Angel-SA-11/05/2010: Angel LMS Exploit
Angel Learning Management 7.3 is vulnerable to a Cross Site Scripting
exploit. This exploit allows the injection of arbitrary javascript
through a URL parameter. This is a non-persistent exploit, meaning it
is subject to a user controlled variable (the url parameter). This
exploit can be used to steal the session data from the cookie of
another user, and gain the privileges of that user.

This exploit can also be used in combination with “Cross Site Request
Forgery”. Meaning if the session data in the cookie was made HTTPOnly
(which it isn’t) then the exploit could be used to undergo any action
of the privileged user regardless.Read more at http://www.criticalwatch.com

 

Advertisements