| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 18 Feb 2013 17:24:58 GMT From: nauty.me04@...il.com To: bugtraq@...urityfocus.com Subject: Reflective/Stored XSS in Responsive Logo Slideshow Plugin Cross-Site Scripting Vulnerability ############################# Exploit Title : Reflective/Stored XSS in Responsive Logo Slideshow Plugin Cross-Site Scripting Vulnerability Author: Aditya Balapure home: http://adityabalapure.blogspot.in/ Date: 18/02/13 software link: http://wordpress.org/extend/plugins/responsive-logo-slideshow/ CVE Assigned - CVE-2013-1759 ############################# Responsive Logo Slideshow Plugin description The Responsive Logo Slideshow Plugin in Wordpress http://wordpress.org/extend/plugins/responsive-logo-slideshow/ has a Reflected/Stored? XSS Vulnerability in the URL and Image input box. If a malicious user is able to inject a script that may affect each and every viewer who visits the website. Once a malicious user compromises the login credentials, he may use these input fields to store malicious scripts and thus carry on a passive attack. ########################## XSS location URL and Image input box. Script Used- ';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//"; alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//-- ></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT> ########################## Vendor Notification 05/02/2013 to: - Vendor notified awaiting action 17/02/2013 - The Plugin has been removed from the repository by the Wordpress Team
Powered by blists - more mailing lists