oss-sec mailing list archives
Re: CVE-2009-4168: WordPress plugin vkontakte-api XSS vulnerability
From: Henri Salo <henri () nerv fi>
Date: Thu, 14 Mar 2013 10:47:10 +0200
On Mon, Mar 11, 2013 at 09:44:33AM +0200, Henri Salo wrote:
Plugin URL: http://wordpress.org/extend/plugins/vkontakte-api/ Affected file: tagcloud.swf 368b01e1728111f99d93ac5805d97abbb899a910 PoC: wp-content/plugins/vkontakte-api/swf/tagcloud.swf?mode=tags&tagcloud=<tags><a+href=%27javascript:alert%28document.cookie%29%27+style=%27font-size:+40pt%27>oss-security</a></tags> Affected versions: 1.21, 1.22, 1.23, 1.24, 1.25, 1.26, 1.27, 2.0, 2.1, 2.2, 2.3, 2.4, 2.5, 2.7 Currently no fix available.
WordPress plugin-guys replied Mon, 11 Mar 2013 21:32:52 +0000 "Closed this morning :)" Now the changelog says: ------------------------------------------------------------------------ r681668 | kowack | 2013-03-14 09:39:40 +0200 (Thu, 14 Mar 2013) | 1 line 2.7 to 3.0 ------------------------------------------------------------------------ r681323 | kowack | 2013-03-13 18:04:13 +0200 (Wed, 13 Mar 2013) | 1 line amen ------------------------------------------------------------------------ r681320 | kowack | 2013-03-13 18:01:49 +0200 (Wed, 13 Mar 2013) | 1 line major update, may has bugs :( ------------------------------------------------------------------------ r568584 | kowack | 2012-07-07 09:49:19 +0300 (Sat, 07 Jul 2012) | 1 line And it seems that tagcloud.swf is removed from version 3.0 of the plugin. Changelog does not include CVE nor notification about security issues fixed. Well at least it is fixed. -- Henri Salo
Attachment:
signature.asc
Description: Digital signature
Current thread:
- CVE-2009-4168: WordPress plugin vkontakte-api XSS vulnerability Henri Salo (Mar 11)
- Re: CVE-2009-4168: WordPress plugin vkontakte-api XSS vulnerability Henri Salo (Mar 14)