Full Disclosure mailing list archives

CVE-Request: stored XSS in Serendipity v2.1-rc1 allows an attacker to steal the admin's cookie and other information


From: Wester 95 <evilzyzeng () outlook com>
Date: Sat, 8 Apr 2017 09:39:31 +0000

Hi team,

I would like to request a CVE ID for this, thank you!



Details
=======

Software: s9y Serendipity
Version: 2.1-rc1
Homepage: https://docs.s9y.org/


Description
===========

Stored XSS in Serendipity v2.1-rc1 allows an attacker holding a low-privilege editor account to steal the admin's cookie and other information.


POC
===

1. Log in as a common editor user.

2. Open a new entry, then write:

<img src=1 onerror=alert(document.cookie)>

and post it.

3. When the admin views the entry, the XSS payload executes in the admin's browser.


Fixed
=====

https://github.com/s9y/Serendipity/issues/456


Best regards,


Zhiyang Zeng of Tencent security platform department
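The class of fix a stored XSS like this needs is shown by the following added example. It is not Serendipity's code and does not reproduce the project's actual patch from the issue linked above. It takes an entry body submitted by an untrusted editor, parses it with Python's html.parser, and re-emits only an assumed allowlist of tags and attributes, so the onerror handler in the payload above is dropped before the entry is ever rendered for the admin; a plain-escaping variant is included for deployments that allow no markup at all. The allowlist contents, the URL scheme policy and the function names are assumptions made for this example. Marking the session cookie HttpOnly keeps document.cookie from exposing it, but does not stop injected script from acting as the admin, so output sanitization or escaping remains the actual fix.

```python
"""Allowlist sanitizer for untrusted blog entry bodies.

Added example, not Serendipity's own code. Untrusted HTML from a
low-privilege editor is parsed and only known-safe tags and attributes
are emitted, so an event-handler attribute such as onerror never
reaches the admin's browser.
"""
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlparse

# Tags a blog entry may legitimately contain (assumption for this example).
ALLOWED_TAGS = {
    "p", "br", "b", "i", "em", "strong", "code", "pre", "ul", "ol", "li",
    "blockquote", "a", "img",
}
# Per-tag attribute allowlist (assumption). Event handlers (on*) are never listed.
ALLOWED_ATTRS = {
    "a": {"href", "title"},
    "img": {"src", "alt", "title", "width", "height"},
}
URL_ATTRS = {"href", "src"}
SAFE_SCHEMES = {"http", "https", ""}  # "" covers relative URLs such as src=1
VOID_TAGS = {"br", "img"}


def safe_url(value: str) -> bool:
    """Reject javascript:, data: and any other non-HTTP scheme."""
    return urlparse(value.strip()).scheme.lower() in SAFE_SCHEMES


class EntrySanitizer(HTMLParser):
    """Rebuilds the entry from parsed tokens instead of regex-patching the string."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []

    def handle_starttag(self, tag, attrs):
        # html.parser lowercases tag and attribute names, so ONERROR == onerror.
        if tag not in ALLOWED_TAGS:
            return  # unknown tags (script, iframe, ...) are dropped, their text kept
        kept = []
        for name, value in attrs:
            if name not in ALLOWED_ATTRS.get(tag, set()):
                continue  # onerror, onload, style, ... are silently removed
            value = value or ""
            if name in URL_ATTRS and not safe_url(value):
                continue  # href="javascript:..." is removed, the tag survives
            kept.append(f' {name}="{escape(value, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")

    def handle_startendtag(self, tag, attrs):
        self.handle_starttag(tag, attrs)

    def handle_endtag(self, tag):
        if tag in ALLOWED_TAGS and tag not in VOID_TAGS:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        # Text is re-escaped, so a literal "<" typed by the editor stays text.
        self.out.append(escape(data, quote=False))


def sanitize_entry(body: str) -> str:
    """Return the entry body with only allowlisted markup left in place."""
    parser = EntrySanitizer()
    parser.feed(body)
    parser.close()
    return "".join(parser.out)


def escape_entry(body: str) -> str:
    """Alternative for plain-text entries: no markup is interpreted at all."""
    return escape(body, quote=True)


if __name__ == "__main__":
    # Constructed sample: the payload from the PoC above plus a benign entry.
    payload = "<img src=1 onerror=alert(document.cookie)>"
    print(sanitize_entry(payload))
    print(escape_entry(payload))
    print(sanitize_entry('<p>Hello <a href="https://example.com/">world</a></p>'))
```

Both functions run at render or save time on the server; the safe choice is to store the raw submission and sanitize on every render, so a later allowlist change applies to old entries too.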



_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/