QaTraq contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'plan_title' and 'plan_content' variables upon submission to the design_copy_plan_search.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Upgrade to version 6.7 RC or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

• Security Tracker: 1016381
• Bugtraq ID: 18620
• CVE ID: 2006-3312 (see also: NVD)
• Related OSVDB ID: 27599 27600 27601 27602 27603 27605 27606 27607 27608 27609 27610 27611 27612 27613 27614 27615 27616 27617
• Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-06/0481.html
  http://attrition.org/pipermail/vim/2006-August/000969.html
  http://attrition.org/pipermail/vim/2006-July/000950.html
• Other Advisory URL: http://seclab.tuwien.ac.at/advisories/TUVSA-0606-001.txt
• Vendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?group_id=118486&release_id=435024
• Vendor URL: http://sourceforge.net/projects/qatraq/
  http://www.testmanagement.com/
• Keyword: TUVSA-0606-001

• Nenad Jovanovic - enjiseclab.tuwien.ac.at - Secure Systems Lab