Full Disclosure mailing list archives
RSS Injection in Sage part 2
From: "David Kierznowski" <david.kierznowski () gmail com>
Date: Thu, 9 Nov 2006 00:18:57 +0000
RSS Injection is Sage part 2 2 months ago, both pdp and myself released a vulnerability and proof of concept exploit for Sage. (see: http://michaeldaw.org/md-hacks/cross-context-scripting-with-sage/). This issue was resolved in Sage release 1.3.7 ( http://mozdev.org/bugs/show_bug.cgi?id=15101). I found a new vulnerability which affects the latest version, Sage 1.3.8. In addition to the XSS vulnerability, it should be noted (as with the previous vulnerability) this issue occurs within the Local Browser Context. This means arbitrary file access etc. Full details and POC can be found at: http://michaeldaw.org/md-hacks/rss-injection-in-sage-part-2/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- RSS Injection in Sage part 2 David Kierznowski (Nov 09)