Full Disclosure mailing list archives
Dotclear 1.* Cross Site Scripting Vulnerability
From: "nssimo nssimo" <nsimou () gmail com>
Date: Thu, 12 Apr 2007 12:16:49 +0000
Dotclear 1.* Cross Site Scripting Vulnerability 1--two cross site scripting vulnerabilities have been discovered in the dotclear1.* allowing a remote attackers to hijack authenticated session Workaround: $post_id (trackback.php) $tool_url(/tools/thememng/index.php) are not filtered 2-Proof of Concepts: dotclear/ecrire/trackback.php?post_id="><script>alert(document.cookie );</script> /ecrire/tools.php?tool_url=%22%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E&p=thememng 3-Disclosure timeline 05/04/2007 dotclear team contacted 10/04/2007 fixed 4-solution: upgrade to dotclear 1.2.6 http://www.dotclear.net/ found by nassim http://www.securlabs.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Dotclear 1.* Cross Site Scripting Vulnerability nssimo nssimo (Apr 12)
- <Possible follow-ups>
- Dotclear 1.* Cross Site Scripting Vulnerability Julien Dhaille (Apr 17)
- Re: Dotclear 1.* Cross Site Scripting Vulnerability Nikolay Kichukov (Apr 17)
- Re: Dotclear 1.* Cross Site Scripting Vulnerability Julien Dhaille (Apr 17)
- Re: Dotclear 1.* Cross Site Scripting Vulnerability Nikolay Kichukov (Apr 17)