lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <CAB0hXMpbNmG-NiKavfsBMp+giTDxF+svB-YwynhYF7-ZUm2OTw@mail.gmail.com>
Date: Tue, 12 Jan 2016 15:34:58 -0600
From: Peter Lapp <lappsec@...il.com>
To: fulldisclosure@...lists.org
Subject: [FD] EasyDNNnews Reflected XSS

Details
=======

Product: EasyDNNnews
Vulnerability: Reflected XSS
Author: Peter Lapp, lappsec () gmail com
CVE: None
Vulnerable Versions: <7.5
Fixed Version: 7.5


Summary
=======

>From the vendor's website: "EasyDNNnews is a very powerful DotNetNuke
module that enables non-technical users to publish and manage articles,
news, press releases, stories and editorials."

During an engagement it was discovered that reflected XSS could be achieved
in two locations by appending a bogus GET parameter that contained
JavaScript in the parameter name. After alerting EasyDNNsolutions of the
vulnerability, they informed me that one of the vulnerabilities had already
been fixed and the other would be fixed in an upcoming release.


Example
=================

http://targetsite.com/Blog/Details/blog-post?%3C/script%3E%3Cscript%3Ealert%280%29%3C/script%3E=1


Solution
========

Upgrade to 7.5


Timeline
========
08/31/15 - Contacted EasyDNNnews about the vulnerability.
09/01/15 - Vendor responds and says the first vulnerability has been fixed
and the other will be in the next release, which was 7.5.

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ