283 software vendors have fixed 921 vulnerabilities in their products thanks to High-Tech Bridge Security Research Lab.
Patch Available Upon Disclosure
|2013 Q4: 67%||2013 Q1: 100%|
|2013 Q3: 77%||2012 Q4: 68%|
|2013 Q2: 92%||2012 Q3: 69%|
Vendor Average Time to Patch
|2013 Q4: 8 days||2013 Q1: 13 days|
|2013 Q3: 13 days||2012 Q4: 26 days|
|2013 Q2: 30 days||2012 Q3: 22 days|
XSS in OneOrZero AIMS
|Vendor:||www.oneorzero.com ( http://www.oneorzero.com/ )|
|Vulnerable Versions:||2.8.0 Trial build231211 and probably prior|
|Tested Version:||2.8.0 Trial build231211|
|Advisory Publication:||December 28, 2011 [without technical details]|
|Vendor Notification:||December 28, 2011|
|Public Disclosure:||January 18, 2012|
|Vulnerability Type:||Cross-Site Scripting [CWE-79]|
|CVSSv2 Base Score:||4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)|
|Discovered and Provided:||High-Tech Bridge Security Research Lab|
High-Tech Bridge SA Security Research Lab has discovered vulnerability in OneOrZero AIMS, which can be exploited to perform cross-site scripting attacks.
Input appended to the URL after index.php is not properly sanitised before being returned to the user.
The following PoC code is available:
Successful exploitation of this vulnerability requires that victim is logged-in to the vulnerable website and Apache's directive "AcceptPathInfo" is "on" or "default" (default value is "default").
|Currently we are not aware of any vendor-supplied patches or other solutions. The vendor was contacted in accordance to our Vendor Notification Policy but we didn't get any answer or feedback.|
Please feel free to send us any additional information related to this Advisory, such as vulnerable versions, additional exploitation details and conditions, patches and other relevant details.