Source:
www.securiteam.com
Summary
YACY is "a Java Freeware P2P-Based Search Engine with Caching HTTP Proxy". Due to improper input filtering, YACY is vulnerable to Cross Site Scripting attacks.
Details
Vulnerable Systems:
* Yacy version 0.31
Immune Systems:
* Yacy version 0.32
Some of the input fields are not filtered by the server, so the input appears unmodified in the returned page. This allows an attacker to run JavaScript or another scripting language in a client's browser.
Proof of Concept:
To test the vulnerability, try for example:
http://[host]:8080/index.html?urlmaskfilter=<script>alert(document.cookie)</script>
http://[host]:8080/Wiki.html?page=<script>alert(document.cookie)</script>
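The following Java sketch is an added example, not Yacy's code and not the vendor's 0.32 patch. It shows the missing step, HTML-encoding a request parameter before it is written into the response, applied to the two parameters above; the render methods and the page fragment are hypothetical stand-ins for the server's template step.

```java
public class ReflectedParamEncoding {

    // Encode the characters that let a reflected value leave HTML text
    // or a quoted attribute and be parsed as markup.
    static String escapeHtml(String s) {
        StringBuilder out = new StringBuilder(s.length() + 16);
        for (char c : s.toCharArray()) {
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    // Hypothetical template step with the behaviour described in the
    // advisory: the parameter value is copied into the page as-is.
    static String renderUnfiltered(String name, String value) {
        return "<p>" + name + ": " + value + "</p>";
    }

    // Same template step with output encoding applied to the value.
    static String renderEncoded(String name, String value) {
        return "<p>" + escapeHtml(name) + ": " + escapeHtml(value) + "</p>";
    }

    public static void main(String[] args) {
        // Parameter names and test value as given in the advisory.
        String[] names = { "urlmaskfilter", "page" };
        String value = "<script>alert(document.cookie)</script>";

        for (String name : names) {
            String raw = renderUnfiltered(name, value);
            String safe = renderEncoded(name, value);
            System.out.println("unfiltered: " + raw);
            System.out.println("encoded:    " + safe);
            // Regression check: no markup from the parameter may survive.
            if (safe.contains("<script")) {
                throw new IllegalStateException(name + " is reflected unencoded");
            }
        }
    }
}
```

The same containment check can be used against a real response body when confirming that an upgraded instance no longer reflects the value as markup.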
Vendor Status:
The vendor has released version 0.32, which addresses this issue.
Additional information
The information has been provided by Donato Ferrante.