Addressbook versions 8.1.24.1 and 8.2.5 suffer from a cross site scripting vulnerability in Group Name.
20aebf2bfe9b011017e46733e1177c025ebc2f405f02f295a97fb67315a1919d
Instructions.
After authentication, click on the Group tab at the top. Click on the
New Group Button on the group page.
For the group name (the first field) enter the following XSS test
string:
<SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
Then call the XSS string from the URL -- technically one calls the group
name -- through the group parameter as such:
http://[server]/index.php?group=%3CSCRIPT%3Ealert%28String.fromCharCode%2888%2C83%2C83%29%29%3C%2FSCRIPT%3E
I emailed the apparent author but did not receive a reply.
Ken
http://silverbackventuresllc.com