Newscoop
  1. Newscoop
  2. CS-4182

Multiple Cross-Site Scripting (XSS) in Newscoop (htbridge.com)

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 3.5.3, 4.0 RC3
    • Fix Version/s: 4.0 RC4
    • Component/s: None
    • Labels:
      None
    • Originating Party:
      Experts
    • OS:
      Ubuntu 10.04
    • Browser:
      Firefox

      Description

      3.1 Input passed via the "Back" GET parameter to /admin/ad.php is not
      properly sanitised before being returned to the user.
      This can be exploited to execute arbitrary HTML and script code in
      administrator's browser session in context of the affected website.

      The following PoC (Proof of Concept) demonstrates the vulnerability:

      http://[host]/admin/ad.php?Back=%27%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E

        Activity

        Hide
        Petr Jasek added a comment -

        fixed both 3.5 and 4.0

        Show
        Petr Jasek added a comment - fixed both 3.5 and 4.0

          People

          • Assignee:
            Ofir Gal
            Reporter:
            Ofir Gal
            Implemented by:
            Petr Jasek
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Time Tracking

              Estimated:
              Original Estimate - 2 hours
              2h
              Remaining:
              Remaining Estimate - 0 minutes
              0m
              Logged:
              Time Spent - 1 hour Time Not Required
              1h

                Development

                  Poker Sessions

                  This issue is currently not assigned to any Poker Session.