Minify 2.1.3 Cross Site Scripting

21 Mar 2012 | Reported by Ayoub Aboukir | Type: packetstorm | Source: packetstormsecurity.com

Minify 2.1.3 and 2.1.4-Beta DOM-Based XSS Vulnerability in URI Builde

Code
`+-------------------------------------------------------------------------------------------+  
# Title : Minify and related plugins DOM-Based XSS Vulnerability  
# Version : 2.1.3 & 2.1.4-Beta  
# Credit : Ayoub Aboukir, Independent Security Researcher  
# Contact : <ay.aboukir at gmail d0t com>  
# Software Link : http://code.google.com/p/minify/  
# Release note: https://groups.google.com/group/minify/browse_thread/thread/48c1d1cf2642f79  
# Date found : 03/01/2012  
# Date of report : 03/03/2012  
# Developer response: 03/03/2012  
# Upgrade release : 03/10/2012  
# Disclosure date : 03/21/2012  
+-------------------------------------------------------------------------------------------+  
-------------------------------  
+---+[About the software]+---+  
-------------------------------  
It combines multiple CSS or Javascript files, removes unnecessary whitespace and comments,   
and serves them with gzip encoding and optimal client-side cache headers.  
Minify is integrated into other projects/plugins:  
* WordPress: WP-Minify  
* WordPress: W3 Total Cache  
* Zend Framework: View helpers for links/scripts  
* Symfony: sfMinifyPlugin  
* Moodle: minify  
* Yii: minscript Extension   
-----------------------------  
+---+[About the exploit]+---+  
-----------------------------  
DOM Based XSS (or as it is called in some texts, “type-0 XSS”) is an XSS attack wherein the attack  
payload is executed as a result of modifying the DOM “environment” in the victim’s browser used   
by the original client side script, so that the client side code runs in an “unexpected” manner.   
That is, the page itself (the HTTP response that is) does not change, but the client side code   
contained in the page executes differently due to the malicious modifications that have occurred   
in the DOM environment.  
------------------------------  
+---+[Proof of Concept: ]+---+  
------------------------------  
A specially formed URL could cause a user's web browser to run arbitrary Javascript on a  
domain where the Minify Builder application is accessible. If a host serves the "Minify  
URI Builder" application at http://example.org/min/builder/, the host is vulnerable.  
  
By adding "#g=<script>alert("XSSed ");</script>" after /min/builder/ the attacker can  
execute arbitrary code, in this case the classic alert box.  
Example: http://localhost/min/builder/#g=<script>alert(document.cookie)</script>  
This shows the current session's cookies, which might be sent to third-party attacker pages.  
------------------------  
+---+[ Greetz to ]+---+  
------------------------  
Yasser & Yassin Aboukir  
`
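
Added example (not part of the original advisory and not Minify's own code): how a value taken from the URL fragment should be handled before it reaches markup, using the advisory's example URL as input. It assumes the page places the "g" value into HTML; the function names and the allowlist rule are hypothetical.

```javascript
// Constructed inputs: the advisory's example URL and a percent-encoded variant
// (some browsers return location.hash percent-encoded).
const SAMPLE = 'http://localhost/min/builder/#g=<script>alert(document.cookie)</script>';
const ENCODED = 'http://localhost/min/builder/#g=%3Cscript%3Ealert(document.cookie)%3C%2Fscript%3E';

// Return one key's value from a URL fragment (the part after '#'), or null.
// The fragment is not sent in the HTTP request, so server-side input filters
// and access logs never see it; validation has to happen in client-side code.
function fragmentParam(url, key) {
  const hashAt = url.indexOf('#');
  if (hashAt === -1) return null;
  for (const pair of url.slice(hashAt + 1).split('&')) {
    const eq = pair.indexOf('=');
    const name = eq === -1 ? pair : pair.slice(0, eq);
    if (name !== key) continue;
    const raw = eq === -1 ? '' : pair.slice(eq + 1);
    try { return decodeURIComponent(raw); } catch (e) { return raw; }
  }
  return null;
}

// HTML-escape a value for element content or a quoted attribute.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Unsafe pattern: the fragment value is concatenated into markup as-is.
function renderUnsafe(value) {
  return '<span id="grp">' + value + '</span>';
}

// Hardened: escape before building markup. In a browser, assigning the value
// to element.textContent instead of innerHTML gives the same result.
function renderSafe(value) {
  return '<span id="grp">' + escapeHtml(value) + '</span>';
}

// Stricter option (hypothetical rule): accept only short plain keys and
// reject everything else before rendering at all.
function isPlainKey(value) {
  return typeof value === 'string' && /^[A-Za-z0-9_.-]{1,64}$/.test(value);
}

console.log(renderUnsafe(fragmentParam(SAMPLE, 'g')));
console.log(renderSafe(fragmentParam(ENCODED, 'g')));
```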
