[pLog-svn] xss in 1.2.7

Reto Hugi plog at hugi.to
Sat May 3 10:43:07 EDT 2008


On 05/03/2008 04:06 PM, Mark Wu wrote:
> Actually, it happened in every search term ...
>
> The problem is .... Does it matter if user can get his own cookie?
>
> He can do the same thing with template editor ....
>

I agree that not all XSS vulnerabilities are equally dangerous. But
this one should be fixed (and I agree that we should really review all
request handling, like jon said).
If an attacker can trick you into clicking a link (e.g. he posts an
article on his blog hosted by you, the admin), he can easily hijack
your session and become admin. And that's not something you want, right?

The vulnerability does not only exist for POST requests, as mentioned
in the fulldisclosure, but also for GET requests. This is even easier to
exploit.

I'll see what I can do and have a fix ready by tomorrow.

cheers, reto

