redhat.com, XSS, Cross Site Scripting, CWE-79, CAPEC-86, Javascript Injection, Resolved

Resolved: Search Query XSS in www.redhat.com
Reported a while back and fixed more recently.

Does your Site have a Search Box? Test for XSS.
Does your Site use Omniture Tracking Code? Test for XSS.

Once upon a time, www.redhat.com had a search-form XSS in the q parameter, caused by the "old and vulnerable Omniture code", which allowed injection into any site that embedded the Omniture tracking code.

The search query was reflected into the Omniture JavaScript in the application response, inside the quoted s.eVar4 and s.prop17 values, so a query containing a closing quote could break out of the string and run as script.

Example Response:
       s.events="eventxxxx"
       s.eVar4="user_controlled_input"
       s.prop17="user_controlled_input"
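The fix for this class of bug is to encode the query as a JavaScript string literal before it is written into the tracking snippet. The following is an added example, not Red Hat's or Omniture's code; the variable names s.events, s.eVar4 and s.prop17 come from the response above, while the event name is a constructed placeholder.

```javascript
// Added example (not Red Hat's or Omniture's code): emit the Omniture
// s.eVar4 / s.prop17 assignments with the search query encoded as a JavaScript
// string literal, so a query such as  "; alert(1); //  cannot break out of the
// quotes, and "</script>" cannot terminate the inline <script> block.

// Encode a value as a double-quoted JS string literal. Anything outside
// [A-Za-z0-9 _.-] becomes \xHH, \uHHHH or \u{...}, which covers quotes,
// backslashes, < > / (so "</script>" can never appear verbatim) and the
// U+2028/U+2029 line terminators that would end a JS string.
function jsStringLiteral(value) {
  let out = '"';
  for (const ch of String(value)) {          // iterates by code point
    const cp = ch.codePointAt(0);
    if (/[A-Za-z0-9 _.\-]/.test(ch)) {
      out += ch;
    } else if (cp <= 0xff) {
      out += "\\x" + cp.toString(16).padStart(2, "0");
    } else if (cp <= 0xffff) {
      out += "\\u" + cp.toString(16).padStart(4, "0");
    } else {
      out += "\\u{" + cp.toString(16) + "}";
    }
  }
  return out + '"';
}

// Build the three lines shown in the example response, with the query passed
// through the encoder instead of being pasted in raw.
function renderOmnitureSnippet(searchQuery) {
  return [
    's.events="eventxxxx"',                        // constructed placeholder
    "s.eVar4=" + jsStringLiteral(searchQuery),
    "s.prop17=" + jsStringLiteral(searchQuery),
  ].join("\n");
}

// Defensive check: the emitted snippet must parse as JS that assigns the
// original query back unchanged, and must not contain "</script>" anywhere.
function roundTrips(searchQuery) {
  const snippet = renderOmnitureSnippet(searchQuery);
  if (/<\/script/i.test(snippet)) return false;
  const s = {};
  new Function("s", snippet)(s);   // executes only the three assignments
  return s.eVar4 === searchQuery && s.prop17 === searchQuery;
}
```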
