Novell Vibe version 3 BETA OnPrem suffers from a stored cross site scripting vulnerability.
38d0853e67710878d23cc032e0905d8715455a8808a2d048463114929f781f0e
Title: Novell Vibe 3 BETA OnPrem Stored Cross-site Scripting Vulnerability
Risk (CVSS2 Base Score): High (7.0)
Solutionary ID: SERT-VDN-1002
CVE ID: CVE-2010-4322
Solutionary disclosure URL: http://www.solutionary.com/index/SERT/Vuln-Disclosures/Novell-Vibe-Beta-3-XSS-vulnerability.html
Product: Vibe 3 BETA OnPrem
Application vendor: Novell
Vendor URL: http://www.novell.com/products/vibe-onprem/
Date discovered: 11/10/2010
Discovered by: Rob Kraus, Paul Petefish, and Solutionary Engineering Research Team (SERT)
Vendor notification date: 12/3/2010
Vendor response date: 12/3/2010
Vendor acknowledgment date: 12/3/2010
Vendor provided fix: Final shipping version of Novell Vibe OnPrem 3
Release coordinated with the vendor: 12/4/2010
Public disclosure date: 12/10/2010
Type of vulnerability: Stored Cross-site Scripting (XSS)
Exploit vectors: Local and Remote
Vulnerability description: Users can include and store arbitrary client side code such as JavaScript in the Novell Vibe web application. The code then can be executed within an unsuspecting victims browser.
The vulnerability exists due to the /gwtTeaming.rpc code not properly sanitizing user input into the What Are You Working On? or Micro Blog entry field. Also, the application fails to encode the output allowing for the execution of the script.
Tested on: Cent OS 5.5 (kernel 2.6.18-194), MySQL Version 14.12 Distribution 5.0.77, and Novell Vibe 3 BETA OnPrem.
Affected software versions: Vibe 3 BETA OnPrem
Impact: Any user who can view another users Micro Blog entry is vulnerable to this XSS attack. Successful exploitation of this vulnerability could result in session cookie theft, session hijacking, URL redirection, and possible operating system code execution on the targeted victims host.
Fixed in: Fixed in the final shipping version of Novell Vibe OnPrem 3
Remediation guidelines: Update to the final shipping version of Novell Vibe OnPrem 3
Keywords: security, vulnerability, Novell, vibe, collaboration, xss, stored, cross-site scripting
Solutionary, Inc. Vulnerability Disclosure Policy
http://www.solutionary.com/index/SERT/Vulnerability-Disclosure-Policy.html