{"vuid":"VU#595142","idnumber":"595142","name":"Corporater EPM Suite is vulnerable to cross-site request forgery and cross-site scripting","keywords":["Corporater","EPM","XSS","CSRF","cross-site scripting","cross-site request forgery","JavaScript","CVE-2013-3583","CVE-2013-3584"],"overview":"Corporater EPM Suite contains cross-site request forgery (CSRF) (CWE-352) and reflected cross-site scripting (XSS) (CWE-79) vulnerabilities.","clean_desc":"CWE-352: Cross-Site Request Forgery (CSRF) - CVE-2013-3583\nCorporater EPM Suite contains a cross-site request forgery vulnerability  on the saveProperties.html page through a webpage constructed and sent to a previously authenticated user to make an unauthorized change to their password. CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') - CVE-2013-3584\nCorporater EPM Suite also contains a reflected cross-site scripting vulnerability  that can allow an attacker to inject arbitrary HTML content (including script) via the vulnerable query string parameter customerId. The CVSS score below applies to the CVE-2013-3584 vulnerability.","impact":"An attacker can conduct a cross-site scripting or cross-site request forgery attack, which could be used make unauthorized changes to user credentials or inject arbitrary HTML content (including script) into a web page presented to the user. JavaScript can be used to steal authentication cookies or other sensitive information.","resolution":"We are currently unaware of a practical solution to this problem.","workarounds":"","sysaffected":"","thanks":"Thanks to Tudor Enache of Help AG Middle East \nfor reporting this vulnerability.","author":"This document was written by Adam Rauf.","public":["http://cwe.mitre.org/data/definitions/352.html","http://cwe.mitre.org/data/definitions/79.html","http://www.corporater.com/en/products/?ref=header"],"cveids":["CVE-2013-3583","CVE-2013-3584"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2013-07-02T16:40:54Z","publicdate":"2013-08-26T00:00:00Z","datefirstpublished":"2013-08-26T13:47:34Z","dateupdated":"2013-09-03T18:46:59Z","revision":36,"vrda_d1_directreport":"1","vrda_d1_population":"1","vrda_d1_impact":"1","cam_widelyknown":"0","cam_exploitation":"0","cam_internetinfrastructure":"0","cam_population":"0","cam_impact":"0","cam_easeofexploitation":"0","cam_attackeraccessrequired":"0","cam_scorecurrent":"0","cam_scorecurrentwidelyknown":"0","cam_scorecurrentwidelyknownexploited":"0","ipprotocol":"","cvss_accessvector":"N","cvss_accesscomplexity":"L","cvss_authentication":null,"cvss_confidentialityimpact":"N","cvss_integrityimpact":"P","cvss_availabilityimpact":"N","cvss_exploitablity":null,"cvss_remediationlevel":"U","cvss_reportconfidence":"UC","cvss_collateraldamagepotential":"N","cvss_targetdistribution":"L","cvss_securityrequirementscr":"ND","cvss_securityrequirementsir":"ND","cvss_securityrequirementsar":"ND","cvss_basescore":"5","cvss_basevector":"AV:N/AC:L/Au:N/C:N/I:P/A:N","cvss_temporalscore":"4","cvss_environmentalscore":"1","cvss_environmentalvector":"CDP:N/TD:L/CR:ND/IR:ND/AR:ND","metric":0.0,"vulnote":null}