ArcticDesk – Multiple XSS Flaws (R911-0048)

Type: XSS
Location: Remote
Impact: High
Product: ArcticDesk
Website: http://www.arcticdesk.com
Vulnerable Version: 1.2.0
Fixed Version: 1.2.1
CVE: -
R911: 0048
Date: 2013-07-24
By: http://www.rack911.com

Product Description:

ArcticDesk is a lightweight support help desk solution. It lets you manage tickets, emails, announcements, articles, downloads and more, all in one place.

Vulnerability Description:

There are numerous XSS vulnerabilities present in both the client frontend and the administrator frontend; the most severe of them are triggered when viewing tickets.

Proof of Concept:

Due to the nature of this security flaw, we will not be posting a Proof of Concept until a much later date.

Impact:

We have rated this vulnerability HIGH because the XSS code is executed in the administrator frontend, where it can also be used to contribute to a CSRF attack.

Vulnerable Version:

This vulnerability was tested against ArcticDesk v1.2.0.

Fixed Version:

This vulnerability was patched in ArcticDesk v1.2.1.

Vendor Contact Timeline:

2013-05-02: Vendor contacted via email.
2013-05-02: Vendor confirms vulnerability.
2013-06-25: Vendor issues 1.2.1 update.
2013-07-24: Rack911 issues security advisory.