6 Replies Latest reply on May 10, 2017 11:01 AM by Yogesh Deshpande

    XSS vulnerability with BMC Remedy Web-Mid Tier (on all versions till today)

      Share This:

      Our pen testers have recently found out that remedy system has an XSS vulnerability.

       

      Steps to reproduce -

      1 Login to Remedy Web using Firefox

      2 Open a new adjacent tab in the same browser session and copy the URL below (you could change the form-name 'HPD:HelpDesk' to any existing form on your server).

      https://<web-server>/arsys/servlet/AttachServlet/1358321229597?ATTKey=1/191/1/125/%3Cscript%3Ealert(1)%3C/script%3E12/HP…

       

      It executes the script.

       

      If anybody knows any workaround it, that would be very helpful.

       

      Thank you,

      Yogesh