Zoho BugTracker Multiple Stored XSS Vulnerabilities

Title: Zoho BugTracker Multiple Stored XSS Vulnerabilities
Advisory ID: ZSL-2012-5096
Type: Local/Remote
Impact: Cross-Site Scripting
Risk: (3/5)
Release Date: 06.08.2012
Summary
Zoho Bug Tracker is an online bug tracking software that combines a clean and an intuitive interface to submit and track bugs with custom workflows, business rules, custom fields and filters for the bugs that software projects are bound to generate and fix all bugs fast.
Description
The Bug Tracking Software suffers from a stored XSS vulnerability when parsing user input to the 'comment' and 'mystatus' parameters via POST method thru 'bugdetails.do' and 'addmystatus.do' scripts. Attackers can exploit these weaknesses to execute arbitrary HTML and script code in a user's browser session.
Vendor
Zoho Corporation Pvt. Ltd - http://www.zoho.com
Affected Version
N/A
Tested On
Microsoft Windows XP Professional SP3 (EN)
Vendor Status
N/A
PoC
zohobugtracker_xss.html
Credits
Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>
References
[1] http://www.exploit-db.com/exploits/20320/
[2] http://packetstormsecurity.org/files/115320
[3] http://cxsecurity.com/issue/WLB-2012080055
[4] http://xforce.iss.net/xforce/xfdb/77481
[5] http://www.securityfocus.com/bid/54848
[6] http://www.osvdb.org/show/osvdb/85132
[7] http://www.osvdb.org/show/osvdb/85133
Changelog
[06.08.2012] - Initial release
[07.08.2012] - Added reference [1], [2] and [3]
[09.08.2012] - Added reference [4] and [5]
[07.09.2012] - Added reference [6] and [7]
Contact
Zero Science Lab

Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk