[转载]Xanga跨站脚本攻击漏洞以及利用手法
信息来源:安全小组Vendor: Xanga
URL: [url]http://www.xanga.com/[/url]
Versions: Current
Remote: Yes
Vendor notified: 04 Nov 2004 at 16:48
Vendor response: NONE
Summary:
~~~~~~~
Xanga is a fully featured blogging system, it
provides great control over look & feel of a users
blog by allowing HTML with only basic checks.
Xanga has well over 2.5 million users and millions
of page views every hour.
A security vulnerability in sitemessage.aspx
allows malicious users to cause a legitimate-looking page to execute external code or display malicious content.
Examples Code:
~~~~~~~~~~~~~~~~~~~~~~~~
[url]http://www.xanga.com/sitemessage.aspx?user=%3Cimg%20src=%22http://www.gnaa.us/images/gnaa.png%22%3E[/url]
Impact:
~~~~~
External code can be run from security domain of Xanga.com, possibility of posting malicious content such as fake login forms or malicious scripts.
Vendor:
~~~~~
Vendor was informed months ago but we have recieved no reply.
Credits:
~~~~~
The GNAA Security Team: [url]http://www.gnaa.us/[/url]
页:
[1]