Bugtraq mailing list archives
[myimei]WordPress2.0.0~autorswebsite~XSS attack
From: addmimistrator () gmail com
Date: 14 Feb 2006 23:15:38 -0000
original advisory<<<<<
http://myimei.com/security/2006-02-15/wordpress200autors-websitexss-attack.html#more-14
<<<<<>>>>>><<<<<>>>>
-Summary- Software: WordPress Sowtwares Web Site: http://www.wordpress.org Versions: 2.0.0 Class: Remote Status: Unpatched Exploit: Available Solution: Available Discovered by: <strong>imei addmimistrator</strong> Risk Level: <strong>Low</strong> Description There is some security bug in most poweful and common Blog Software, WordPress 2.0.0 (latest version) that allows attacker performe an <strong>XSS</strong> attack.<!--more--> bug is in result of poor checking quotations for user suplied variables in author's website for not logged in users. Exploit- Here is an example, but a good scenario can exploit better. goto a post,comment section fill all fields correctly, but <strong>author's website</strong>: <strong>" onfocus="alert(1)" onblur="alert(1)</strong> note to first coutation and loosed qoutation at end {for good exploit} any user that want to fill author website's field an alert will show; Solution Disable Comments for posts while vendor not provided patch. Credit Discovered by: imei addmimistrator addmimistrator(4}gmail(O}com www.myimei.com security.myimei.com
Current thread:
- [myimei]WordPress2.0.0~autorswebsite~XSS attack addmimistrator (Feb 15)