oss-sec mailing list archives
Re: CVE request: XSS in nusoap
From: Josh Bressers <bressers () redhat com>
Date: Tue, 7 Sep 2010 13:29:24 -0400 (EDT)
Please use CVE-2010-3070 Thanks. -- JB ----- "Raphael Geissert" <geissert () debian org> wrote:
Hi, A XSS vulnerability has been reported against the nusoap PHP library caused by insufficient sanitation of untrusted data ($_SERVER['PHP_SELF']) -- CWE-79. Original report against mantisbt: http://www.mantisbt.org/bugs/view.php?id=12312 Report against nusoap (and further references): http://sourceforge.net/projects/nusoap/forums/forum/193579/topic/3834005 The fixes proposed by David Hicks[1] (from mantisbt) add escaping to some other variables, but I haven't verified if they are actually exploitable (if that's so, the patch might need to pass the charset to htmlentities too.) [1]http://git.mantisbt.org/?p=mantisbt.git;a=commit;h=edb817991b99cd5538f102be26865fde7c6b7212 Could a CVE id be assigned? Thanks, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net
Current thread:
- CVE request: XSS in nusoap Raphael Geissert (Sep 03)
- Re: CVE request: XSS in nusoap Josh Bressers (Sep 07)