ClusterMaps - Cross Site Scripting Vulnerability
Vulnerability Laboratory ID (VL-ID):
Product & Service Introduction:
Do you know your audience? You will with ClustrMaps! Visitors don't need to click on anything: just viewing your page is sufficient. We provide (free) the HTML that gives you a tiny map, like the one on the left. When it loads, it increments a counter and shows the locations of all visitors to your page, cumulatively (even for huge numbers). Clicking on it zooms in to a big world map, and (optionally) lets you zoom in to the continents, as in the example above. For light users (under 2500 visitors daily) the service is free, forever, and stores cumulative totals up to millions of visitors. Paying users get extra features.
* Know your visitors
* Target your content
* Show off your community
* Automatic: clicks optional
* Speedy, scalable
* Giant map, optional zooms
* No spyware, no cookies
(Copy of the Vendor Homepage: http://www.clustrmaps.com/)
Abstract Advisory Information:
Vulnerability Lab Team discovered a Cross Site Scripting Vulnerability in the ClusterMaps Locator Exchange Banner.
Vulnerability Disclosure Timeline:
2011-07-26: Public or Non-Public Disclosure
Technical Details & Description:
implement malicious code on exchange websites (customers) to steal sessions via user interaction. The vulnerability is located in the ?url=
parameter, which customers include in the banner on their own website. Because the parameter value is reflected into the banner markup, attackers can steal sessions of visitors of the customer website through the embedded banner.
[+] Maps / URL
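To make the defect concrete, here is an added example (not ClustrMaps' own template, whose markup is not on this page) that renders a banner link from a `url` query parameter: first the unsafe concatenation pattern, then a hardened version that restricts the scheme to http(s) and encodes the value for the HTML attribute context. The banner markup shape and the function names are assumptions.

```javascript
// Attribute-context HTML encoding for untrusted text (covers the characters
// that can close a quoted attribute or open a new tag).
function encodeHtmlAttr(s) {
  return String(s)
    .replace(/&/g, "&amp;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;");
}

// Accept only absolute http(s) URLs; anything else (javascript:, data:,
// relative paths, unparsable input) is rejected. Returns the normalised
// href, in which the WHATWG parser has already percent-encoded " < > etc.
function validateSiteUrl(raw) {
  let u;
  try { u = new URL(raw); } catch (e) { return null; }
  if (u.protocol !== "http:" && u.protocol !== "https:") return null;
  return u.href;
}

// Vulnerable pattern: the reflected query value is concatenated straight
// into markup, so quotes and angle brackets in it become part of the page.
function renderBannerUnsafe(query) {
  return '<a href="' + query.url + '"><img src="/map.png" alt="ClustrMaps"></a>';
}

// Hardened pattern: validate the scheme first, then encode for the attribute
// context; on rejection fall back to an unlinked banner instead of echoing input.
function renderBannerSafe(query) {
  const site = validateSiteUrl(query.url);
  if (site === null) {
    return '<img src="/map.png" alt="ClustrMaps">';
  }
  return '<a href="' + encodeHtmlAttr(site) + '"><img src="/map.png" alt="ClustrMaps"></a>';
}

// Constructed sample input: a URL whose path closes the attribute and injects a tag.
const sampleProbe = 'http://example.com/"><b>x</b>';
console.log(renderBannerUnsafe({ url: sampleProbe }));
console.log(renderBannerSafe({ url: sampleProbe }));
```

The hardened output keeps the injected characters percent- or entity-encoded, so the browser treats the whole value as a link target rather than as markup.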
Code Review: ClusterMaps Banner
Proof of Concept (PoC):
The vulnerability can be exploited by remote attackers via user interaction. For demonstration ...