ClickDesk versions 4.3 and below suffer from multiple persistent cross site scripting vulnerabilities.
344fe9de1d611e0634831da9f2d4b854bfccfac96330419b32ed688d72f409ad
ClickDesk Multiple Persistent XSS
Details
========================================================================================
Product: ClickDesk a [ cross platform live chat and support plugin ]
Security-Risk: High
Remote-Exploit: yes
Vendor-URL: https://www.clickdesk.com/
Advisory-Status: NotPublished
Credits
========================================================================================
Discovered by: Owais Mehtab
Greets To: Mirza Burhan Baig, Muhammad Waqar, Muhammad Ali Baloch, Navaid Zafar Ansari
Affected Products:
========================================================================================
ClickDesk <=4.3
Tested on wordpress 3.8.1
Description
========================================================================================
"Live Chat Plugin"
More Details
========================================================================================
I have discsovered a persistent Cross site scripting (XSS) inside
ClickDesk,the vulnerability can be easily exploited and can be used to steal cookies,
perform phishing attacks and other various attacks compromising the security of a
user.
Proof of Concept
========================================================================================
1-Live Chat XSS
---------------
go to any website having ClickDesk Live Chat installed,
Click on the "Live Chat widget" and set the below vector in name field
"><img src=O onerror=prompt(document.cookie);>
Now click on initiate chat
Wollah.. here you go with your own Cookie!
2-Email XSS
-----------
go to any website having ClickDesk Live Chat installed,
Click on the "Live Chat widget", this time select the email option and set the below vector in message field
"><img src=O onerror=prompt(document.cookie);>
Now Click on submit
Wollah.. again here you go with your own Cookie!
Solution
========================================================================================
Edit the source code to ensure that input is properly sanitised.
--
Regards,
Owais Mehtab