LDAP Tool Box vulnerabilities

John W8MEJ Menerick · December 1, 2014

This vulnerability allows one to bypass the weak XSS filtering / validation on vulnerable installations of LDAP Tool Box. User interaction is required to exploit it: the target must open or browse to a malicious link.

The weak XSS filtering mechanism prevents some, but not all, XSS injections; what gets through depends on the execution context in which the value is rendered. Relying on the htmlentities encoding function is equivalent to using a very weak blacklist.
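To make the dependence on execution context concrete, the following added example (not LDAP Tool Box code and not the patch referenced on this page) shows constructed inputs that htmlentities returns unchanged, next to encoders chosen per output context. The function names `encode_html`, `encode_js` and `encode_url_attr` and all sample values are assumptions made for illustration.

```php
<?php
// Added example; function names are hypothetical, not LDAP Tool Box code.

// HTML element content and *quoted* attribute values. Unquoted attributes
// stay unsafe with any entity encoder, so templates must quote them.
function encode_html(string $s): string
{
    // ENT_QUOTES also encodes single quotes, which ENT_COMPAT leaves alone.
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Value emitted inside <script> as a JavaScript string literal.
function encode_js(string $s): string
{
    // JSON_HEX_* turns <, >, &, ' and " into \uXXXX escapes, so the value
    // cannot end the string literal or the enclosing <script> element.
    return json_encode($s, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS
        | JSON_HEX_QUOT | JSON_THROW_ON_ERROR);
}

// href/src values: allowlist the scheme first, then HTML-encode.
function encode_url_attr(string $url): string
{
    $scheme = parse_url($url, PHP_URL_SCHEME);
    if (!is_string($scheme) || !in_array(strtolower($scheme), ['http', 'https'], true)) {
        return '#'; // relative, scheme-less and non-web schemes are rejected
    }
    return encode_html($url);
}

// Constructed inputs: none contains <, >, & or ", so htmlentities() with
// ENT_COMPAT (the default before PHP 8.1) returns each of them unchanged.
$samples = [
    'unquoted attribute'      => 'a b=c',
    'single-quoted JS string' => "it's",
    'href value'              => 'javascript:void(0)',
];
foreach ($samples as $context => $value) {
    $weak = htmlentities($value, ENT_COMPAT, 'UTF-8');
    printf("%-24s unchanged by htmlentities: %s\n", $context, $weak === $value ? 'yes' : 'no');
}
echo encode_html("it's"), "\n";
echo encode_js("it's </script>"), "\n";
echo encode_url_attr('javascript:void(0)'), "\n";
echo encode_url_attr('https://example.org/?a=1&b=2'), "\n";
```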

I have written a proof-of-concept exploit which causes a fake login page, with corresponding JavaScript keylogger, to render in the victim’s browser.

Affected Products

All installations of LDAP Tool Box that do not have the appropriate patch applied.

**Remediation**

Until LDAP Tool Box releases an upgraded version, please apply the patch found here.

**Additional information**

http://wiremask.eu/?p=tutorials&id=10

Issue
