Bugtraq mailing list archives
[iBliss Security Advisory] Cross-Site Scripting (XSS) vulnerability in Design-approval-system wordpress plugin
From: Alexandro Silva <alexos () ibliss com br>
Date: Thu, 12 Sep 2013 17:19:21 -0300
[Design-Approval-System Wordpress plugin XSS ] [vendor product description]A system to streamline the process of getting designs, photos, documents, videos or music approved by clients quickly.
[Bug Description]The walkthrouth web page does not validate the step parameter leading to a Cross-site scripting flaw. An no authenticated user is required to exploit these security flaws.
[History] Advisory sent to vendor on 09/03/2013 Vendor reply 09/03/2013 Vendor patch published 09/07/2013 [Impact] HIGH [Afected Version] 3.6 [Vendor Reply] 03/09/2013 07/09/2013 - Vulnerability fixed. 3.7 version released. [CVE Reference] CVE-2013-5711 [PoC]Payload: http://[host]/wordpress/wp-content/plugins/design-approval-system/admin/walkthrough/walkthrough.php?step=%3C/script%3E%3Cscript%3Ealert%28%27XSS%27%29%3C/script%3E
[References][1] Design Approval System http://wordpress.org/plugins/design-approval-system [2] Design Approval System 3.7 release notes http://wordpress.org/plugins/design-approval-system/other_notes/
[3] Common Vulnerabilities and Exposures (CVE) - http://cve.mitre.org/ -------------------------------------------- iBliss Segurança e Inteligência - Sponsor: Alexandro Silva - Alexos alexos (at) ibliss.com (dot) br [email concealed] [Greetz] Ewerson Guimarães - Crash -- Alexandro Silva alexandro.silva () ibliss com br iBLISS Segurança & Inteligência +55 71 8847-5385 +55 11 3255-3926 www.ibliss.com.br
Current thread:
- [iBliss Security Advisory] Cross-Site Scripting (XSS) vulnerability in Design-approval-system wordpress plugin Alexandro Silva (Sep 13)