[pLog-svn] Lifetype 1.2.8 ...

Jon Daley plogworld at jon.limedaley.com
Sun May 4 21:42:04 EDT 2008


On Sun, 4 May 2008, Reto Hugi wrote:
> Writing the cookie in the popup is not really the exploit that makes
> this issue critical. It's a common way of doing PoC for XSS (like a
> Hello World script).
>
> I've already tried to explain earlier:
>> If an attacker can trick you into clicking a link (e.g. he posts an
>> article on his blog hosted by you, the admin) - he can easily hijack
>> your session and become admin.
Can you post an example? I am still not getting how the
server-side is involved. I understand that if I put javascript on the
admin's site, the javascript would have access to stuff, but the browser
is supposed to block javascript from grabbing stuff from one site and
posting it to another, right? So, somehow he grabs stuff via javascript,
posts it to admin.php which then posts stuff to another site?

> Second: People don't really care how serious the XSS really is. We will
> be measured on how fast we can publish the fix for this full disclosure.
> That's why I'd release it today.
Sure, that's fine, but as far as I can tell, all inputs would be
susceptible to the same problem, so fixing one variable isn't really a
fix.

