nGenuity Information Services – Security Advisory

   Advisory ID: NGENUITY-2009-004 - ChamberMaster Forgot Password Reflected Cross-Site Scripting
   Application: ChamberMaster.com
        Vendor: ChamberMaster, INC
Vendor website: http://www.chambermaster.com
        Author: Adam Baldwin (adam_baldwin@ngenuity-is.com)

  I. BACKGROUND
     ChamberMaster is a hosted web application that is designed to manage
various aspects of chamber of commerce operations. 

 II. DETAILS
     The ChamberMaster hosted application is vulnerable to a reflected
cross-site scripting vulnerability. This attack can be used to display
content or execute malicious JavaScript in the context of the victims
web browser.

Attack Scenario:
1. The attacker sends or places links, similar to the one below. These could be
   delivered via instant message, social network, email or any other medium
   in which a link can be provided to an end user.
   Example URL

     /directory/jsp/admin/login/ForgotPwd.jsp?email=INSERTXSSHERE

2. Victim clicks on link.
3. Victims browser executes malicious code. 

From this attack, the attacker now controls the victims browser.
They can access and manipulate data that users ChamberMaster session has access
too.

III. REFERENCES
     [1] - http://www.chambermaster.com

 IV. VENDOR COMMUNICATION
     2.3.2009 - Vendor Notified
     2.6.2009 - Notification from vendor that this issue has been fixed.

Copyright (c) 2008 nGenuity Information Services, LLC