Kartier Pohs

Saturday, March 5, 2016

Cross Site Scripting Vulnerability in CISCO.

CISCO is a well known company that designs, manufactures and sells networking devices.While testing on website of CISCO i found a stored cross site scripting vulnerability there.I reported this vulnerability to CISCO , after a long conversation they fixed the bug and awarded me an Appreciation certificate after 3 months.

Vulnerability Type: Stored XSS
Vulnerable Link: https://res.cisco.com

Payload used:  "/><img src=x onerror=prompt(/XSS-Tested-By-Yogesh-Prasad/)>

Reproduction steps:
1-Go to  https://res.cisco.com/websafe/login.action
2-Login to your account.
3-click on compose message and send a message to any email(x).
4-Now you will find an  attachment in email(X) with .html extension.
5-Click on view on attachment.
6-Now in To section,you will foind a dropdown,"select address not listed"
7-Click on open,Click on yes during confirmation.
8-Now in email box use the above given payload Payload used:  "/><img src=x onerror=prompt(/XSS-Tested-By-Yogesh-Prasad/)>
9-Press Enter and you will get the "popup box" generated by XSS.

Proof : 
Cross Site Scripting Vulnerability in CISCO.

Appreciation Certificate Awarded by CISCO :

Cross Site Scripting Vulnerability in CISCO.

Read more ...
Copyright 2015 @ Yogesh Prasad