discuz! 7.* Stored xss-vulnerability warning-the black bar safety net

ID MYHACK58:62201338345
Type myhack58
Reporter 佚名
Modified 2013-04-17T00:00:00


Post flash at the address filter is not strict, resulting in the storage typexss.


> document. write(AC_FL_RunContent('width', '5 5 0', 'height', '4 0 0', 'allowNetworking', 'internal', 'allowScriptAccess', 'never', 'src', 'aaaaaaaaaaaaa', 'quality', 'high', 'bgcolor', '#ffffff', 'wmode', 'transparent', 'allowfullscreen', 'true'));

As above, there is a output in the js, if the single quote is not filtered...



Repair solutions: http://www.discuz.net/thread-3241166-1-1.html