oss-sec mailing list archives

Re: CVE-request: WordPress-plugin bSuite <=4.0.7 permanent XSS


From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 16 Apr 2012 13:28:33 -0600

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/16/2012 01:58 AM, Henri Salo wrote:
Hello,

This issue is without a 2011 CVE. Could we assign one, thanks?

Original advisory: http://www.ihteam.net/advisory/bsuite-wordpress-permanent-xss/
OSVDB: http://osvdb.org/74046
Secunia: SA45234
Discussion: http://wordpress.org/support/topic/plugin-bsuite-xss-security-vulnerability-in-407

 Fixed in SVN revision 520611.

Please use CVE-2011-4955 for this issue.

- Henri Salo

svn diff -r520603:520611 Index: ui_stats.php 
===================================================================


- --- ui_stats.php        (revision 520603)
+++ ui_stats.php        (revision 520611) @@ -243,7 +243,7 @@

if( count( $results ) ) foreach( $results as $res ) -
echo '<li><a href="'. $res->name .'">'. wordwrap( urldecode(
str_replace( get_settings( 'siteurl' ), '', $res->name )), 25,
"\n", TRUE ) .'</a><br><small>Avg: '. number_format( $res->hit_avg
) .' Total: '. number_format( $res->hit_count )
."</small></li>\n"; +               echo '<li><a href="'.
sanitize_url( $res->name ).'">'. wordwrap( htmlspecialchars(
urldecode( str_replace( get_settings( 'siteurl' ), '', $res->name
))), 25, "\n", TRUE ) .'</a><br><small>Avg: '. number_format(
$res->hit_avg ) .' Total: '. number_format( $res->hit_count )
."</small></li>\n"; else echo '<li>No Data Yet.</li>';

@@ -276,7 +276,7 @@ if( count( $results ) ) foreach( $results as
$res ){ if( 1 == $res->object_type ) -                       echo
'<li><a href="'. $res->name .'">'. wordwrap( urldecode(
str_replace( get_settings( 'siteurl' ), '', $res->name )), 25,
"\n", TRUE ) .'</a><br><small>'. number_format( $res->hit_count )
.' hits since '. $res->date_min .'</small></li>'; +
echo '<li><a href="'. sanitize_url( $res->name ) .'">'. wordwrap(
htmlspecialchars( urldecode( str_replace( get_settings( 'siteurl'
), '', $res->name ))), 25, "\n", TRUE ) .'</a><br><small>'.
number_format( $res->hit_count ) .' hits since '. $res->date_min
.'</small></li>'; else echo '<li><a href="'. get_permalink(
$res->object_id ) .'">'. wordwrap( get_the_title( $res->object_id
), 25, "\n", TRUE ) .'</a><br><small>'. number_format(
$res->hit_count ) .' hits since '. $res->date_min
.'</small></li>'; }else{ Index: bsuite.php 
===================================================================


- --- bsuite.php  (revision 520603)
+++ bsuite.php  (revision 520611) @@ -3,7 +3,7 @@ Plugin Name:
bSuite Plugin URI: http://maisonbisson.com/bsuite/ Description:
Stats tracking, improved sharing, related posts, CMS features, and
a kitchen sink. <a
href="http://maisonbisson.com/bsuite/";>Documentation here</a>. 
-Version: 5 alpha 2 +Version: 5 alpha 3 Author: Casey Bisson Author
URI: http://maisonbisson.com/blog/ */ Index: readme.txt 
===================================================================


- --- readme.txt  (revision 520603)
+++ readme.txt  (revision 520611) @@ -4,7 +4,7 @@ Tags: cms,
content management, tags, stats, statistics, formatting, pages,
widgets, related posts, keyword searching, post, posts, page,
pages, admin, related content Requires at least: 3.2 Tested up to:
3.3.1 -Stable tag: 5a2 +Stable tag: trunk

A suite of tools used to help surface interesting and popular
stories as well as improve WordPress' CMS capabilities as an
application platform.
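Review bot: sanitize_url() in the new href at the ui_stats.php @@ -243,7 +243,7 @@ hunk is the deprecated name of esc_url_raw(), the variant WordPress provides for storage and redirects, not for attribute output, and on the "Tested up to: 3.3.1" core this readme declares it emits a deprecated-function notice under WP_DEBUG. Use esc_url( $res->name ) in the href instead: it filters the protocol the same way and also entity-encodes the result for attribute context. The link text side is ordered correctly, urldecode() runs before htmlspecialchars(), so the decoded string is what gets escaped; get_settings( 'siteurl' ) is likewise a deprecated name and could become get_option( 'siteurl' ) while the line is being touched.

Review bot: in the ui_stats.php @@ -276,7 +276,7 @@ hunk the escaping stops at the `1 == $res->object_type` branch; the else branch on the same lines still echoes get_the_title( $res->object_id ) into the link text without esc_html(), and both branches print $res->date_min raw. Post titles are kses-filtered on save for users without unfiltered_html, so this is not the same class of input as $res->name, but escaping at the output point keeps the two branches uniform: wordwrap( esc_html( get_the_title( $res->object_id ) ), 25, "\n", TRUE ) and esc_html( $res->date_min ).

Review bot: `Stable tag: trunk` in the readme.txt hunk makes the plugin directory serve trunk as the release, and bsuite.php now declares "5 alpha 3", yet the advisory in this thread is for bSuite <= 4.0.7 and nothing in the diff touches a 4.x line. Say in the readme changelog (no changelog entry is part of this revision) that 4.0.7 users are expected to move to 5 alpha 3 to get the fix, or tag a proper release rather than pointing the stable tag at trunk.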


- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJPjHLhAAoJEBYNRVNeJnmTQLwP/05JX47iulyX4Qkjy4tZ2gT+
gOnxAIaZjEC832QprNpxPztRsZDxwuY/Smi8/rDge13oILRDv2GiwzGOXzL4IFXI
8xL7mM7ZrLQaYdo9rbJRwjC7bwaHLAX05kpbd4zVebGBogvAAXO7lbFuC1OdNlcB
Z9qvK3L2TKF9aQQX9pkDsYK/8c2aaL4Ar+a6oa4rd/yMNLGT+3T+WjATZjNqauwC
YJ2JMtgXgeubxtvWDYrGSg5S5adQoiuT9m8SrdFeizk/vstCEnyWfKzESwBsnpDn
8gBHiRtOih7yB2yaB3xM/27eEaU6KASAAUr70qCOcm3O2p9uR5W6BtDPpf9hV87i
iY72Eyyyte8xNoV9C8HIappX+ca4AVRECBa0E4ha6du27Fa5IRqNDjr9atvyqXoJ
g+gEcmVh0mdXUoErf4/lyRggqLlQKO1WkzSTyN6L7/0WYMazDogiFv+nlHi+gVcM
ZDT6PoU4x5wEzFLn3rMJ7kx6Z4/hARvp/6aXhauA+xZTm7QyDbamJ5hEuVcEkR34
eu279Gi6Lb9QqGb4YktsrkUgoYO0VZgHevRd5lKu1Tmxv7bcBpsNQJP/tu1IuH0H
PEqMzB/PoqQmpZ/PEE1oMKA+5Jgc36mCAlcUHobycC5br+H0UnfSD2wgOgNYBpvs
mKfkwacBNGyqVPoY0umA
=Jbis
-----END PGP SIGNATURE-----

