Genesys PureConnect as of their build on 08-October-2020 suffers from a cross site scripting vulnerability.
2232d00fcafe4584b543e46f696b904d45b43d8ecf53a41949a52a39eaffc149Product: Genesys PureConnect - Interaction Web Tools Chat Service
Description: Interaction Web Tools Chat Service allows XSS within the Printable Chat History via the participant -> name JSON POST parameter.
Vulnerability Type: XSS
Vendor of Product: Genesys PureConnect
Affected Product Code Base: Interaction Web Tools - Chat Service - Appears to be all versions up to current release
Affected Component: "Print" feature of the Interaction Web Tools Chat: https://help.genesys.com/pureconnect/mergedprojects/wh_tr/desktop/pdfs/web_tools_dg.pdf
Attack Vectors:
* To exploit the Cross-Site Scripting vulnerability, visit https://<vulnerable-domain>/I3Root/chatOrCallback.html<https://%3cvulnerable-domain%3e/I3Root/chatOrCallback.html>
* Then select the 'I don't have an account" option, and enter the name "><script>alert(1)</script>
* Then press 'Start Chat'
* Then enter anything in the chat box like 'asdfg' and press send
* Now select the 'Printable Chat History' in the top right corner
* XSS will trigger. You can google dork for vulnerable versions with inurl:"/I3Root/chatOrCallback.html"
I'm assuming if an admin tries to print the chat conversation, it will trigger for them as well. Unable to confirm though.
Discoverer: Jake Murphy - Echelon Risk + Cyber - https://echeloncyber.com/
> [References]
> http://genesys.com
> http://interaction.com
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed