| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 12 Jan 2016 15:34:58 -0600 From: Peter Lapp <lappsec@...il.com> To: fulldisclosure@...lists.org Subject: [FD] EasyDNNnews Reflected XSS Details ======= Product: EasyDNNnews Vulnerability: Reflected XSS Author: Peter Lapp, lappsec () gmail com CVE: None Vulnerable Versions: <7.5 Fixed Version: 7.5 Summary ======= >From the vendor's website: "EasyDNNnews is a very powerful DotNetNuke module that enables non-technical users to publish and manage articles, news, press releases, stories and editorials." During an engagement it was discovered that reflected XSS could be achieved in two locations by appending a bogus GET parameter that contained JavaScript in the parameter name. After alerting EasyDNNsolutions of the vulnerability, they informed me that one of the vulnerabilities had already been fixed and the other would be fixed in an upcoming release. Example ================= http://targetsite.com/Blog/Details/blog-post?%3C/script%3E%3Cscript%3Ealert%280%29%3C/script%3E=1 Solution ======== Upgrade to 7.5 Timeline ======== 08/31/15 - Contacted EasyDNNnews about the vulnerability. 09/01/15 - Vendor responds and says the first vulnerability has been fixed and the other will be in the next release, which was 7.5. _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists