[pLog-svn] xss in 1.2.7
Mark Wu
markplace at gmail.com
Sat May 3 10:50:19 EDT 2008
Anyway, I can fix this one later ...
But, the problem is he can do the same thing with template editor .... I
have no idea how to prevent ...
Unless the site owner disables this plugin.
Mark
> -----Original Message-----
> From: Reto Hugi [mailto:plog at hugi.to]
> Sent: Saturday, May 03, 2008 10:43 PM
> To: Mark Wu
> Cc: 'LifeType Developer List'
> Subject: Re: [pLog-svn] xss in 1.2.7
>
> On 05/03/2008 04:06 PM, Mark Wu wrote:
> > Actually, it happened in every search term ...
> >
> > The problem is .... Does it matter if user can get his own cookie?
> >
> > He can do the same thing with template editor ....
> >
>
> I agree that not all XSS vulnerabilities are equally
> dangerous. But this one should be fixed (and I agree that we
> should really review all request handling, like jon said).
> If an attacker can trick you into clicking a link (e.g. he
> posts an article on his blog hosted by you, the admin) - he
> can easily hijack your session and become admin. And that's
> not something you want, right?
>
> As the vulnerability does not only exist for POST requests as
> mentioned in the fulldisclosure, but also for GET requests,
> this is even easier to exploit.
>
> I'll see what I can do and have a fix ready until tomorrow.
>
> cheers, reto