Cross-Site Scripting (XSS) Vulnerability in Collection Name Field

Overview

Versions of TeleScope prior to 2020.1 were vulnerable to a stored XSS vulnerability: an actor creating a collection could supply crafted HTML as the collection name, with arbitrary JavaScript attached to DOM event handlers.

[Screenshot: xss1.png]

That markup was then injected unescaped into the HTML served to viewers of the collection, so the DOM events fired in the unsuspecting user's browser and executed the JavaScript. This could be used to leak the client's confidential information, such as the session ID.

[Screenshot: xss2.png]


Solution

XSS attacks are prevented by validating and sanitizing all user input so that no executable code can be injected through it. This issue was fixed in TeleScope Executive 2020.1. If you are on an affected version, it is recommended that you upgrade to that version or later. If your TeleScope installation has customizations, or you are an OnDemand customer, please contact your Account Manager or support for help with this.


Testing

After upgrading, any code entered through the collection name field is sanitized and rendered as inert text by TeleScope, preventing the execution of any JavaScript.
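The following is an added example, not TeleScope's own code, illustrating the two controls described in the Solution and Testing sections: a rendering routine that interpolates the collection name raw (the pre-2020.1 behaviour described above) next to one that escapes it at the output boundary, plus an input-side allowlist check. The crafted name, the `leak()` handler, the `collection-name` class and the name policy are all constructed for this illustration and are not taken from TeleScope.

```javascript
// Added example (not TeleScope's code): escaping and validating a
// user-supplied collection name before it is rendered into HTML.

// Every character with meaning in HTML is mapped to its entity, so a name
// such as <span onmouseover="...">x</span> is shown as literal text instead
// of becoming markup with an event handler.
const HTML_ESCAPES = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#39;',
};

function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Input-side check (assumed policy for this example, not TeleScope's): a
// collection name is letters, digits, spaces and a few punctuation marks,
// 1 to 100 characters. Anything else is rejected at creation time, before
// the value is stored.
const NAME_PATTERN = /^[\p{L}\p{N} _.,()'-]{1,100}$/u;

function isValidCollectionName(name) {
  return typeof name === 'string' && NAME_PATTERN.test(name);
}

// Deliberately vulnerable rendering, modelling the behaviour described for
// versions before 2020.1: the stored name is interpolated into markup as-is.
function renderCollectionHeadingUnsafe(name) {
  return `<h1 class="collection-name">${name}</h1>`;
}

// Hardened rendering: the name is escaped at the output boundary regardless
// of whether it passed input validation, so a value stored by an older,
// unvalidated version is still rendered as inert text.
function renderCollectionHeading(name) {
  return `<h1 class="collection-name">${escapeHtml(name)}</h1>`;
}

// Verification helper: strips the known wrapper element and reports whether
// any '<' survives in the inner content. A surviving '<' means the browser
// would parse attacker-controlled markup (and its event handlers).
function containsInjectedMarkup(html) {
  const inner = html
    .replace(/^<h1 class="collection-name">/, '')
    .replace(/<\/h1>$/, '');
  return inner.includes('<');
}

// Constructed sample input: a collection name carrying a DOM event handler.
// The handler references a hypothetical function and does nothing here.
const CRAFTED_NAME = 'Q3 Reports<span onmouseover="leak()">!</span>';

// Stand-alone demonstration of the difference between the two renderings.
console.log('input accepted by policy:', isValidCollectionName(CRAFTED_NAME));
console.log('unsafe :', renderCollectionHeadingUnsafe(CRAFTED_NAME));
console.log('escaped:', renderCollectionHeading(CRAFTED_NAME));
```

The input allowlist stops new crafted names from being stored, while the output escaping is what actually neutralizes names that were stored before the fix; a deployment that only adds the first control leaves existing data exploitable, which is why the upgrade's sanitization applies at render time.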
