Home page logo

bugtraq logo Bugtraq mailing list archives

CVE-2013-5118 - XSS Good for Enterprise iOS
From: mario () roblest com
Date: Tue, 24 Sep 2013 15:44:53 GMT


Last month I identified a XSS vulnerability in the Good for Enterprise iOS application.

The vulnerable versions are v2.2.2.1611 and earlier
Proof of Concept:
HTML Email including the following payload will execute Javascript statements when the victim open the email using the 
vulnerable version.
<script>alert('XSS Here')</script>
I worked with the Good people to close the issue, I provided some guidance and feedback and agreed with them to not 
disclose it until they fix it.

The new release is now available:
Update the "Good for Enterprise" iOS application to or newer

Can the comunity please provide feedback and comments in order to ensure the fix is working well

Many thanks


  By Date           By Thread  

Current thread:
  • CVE-2013-5118 - XSS Good for Enterprise iOS mario (Sep 24)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]