Lucene search
K

webwiz-xss.txt

🗓️ 29 Jul 2008 00:00:00Reported by CSDTType 
packetstorm
 packetstorm
🔗 packetstormsecurity.com👁 27 Views

Multiple cross-site scripting vulnerabilities in Web Wiz Rich Text Editor version 4.02 allows remote attackers to inject arbitrary web scripting, leading to a loss of integrity. Upgrade to version 4.03 or higher to fix this vulnerability

Code
`-######### [Saved] - [27-07-2008/13:10:02]  
# .: Multiple Cross-Site Scripting Vulnerabilities in Web Wiz Rich Text Editor version 4.02   
# .: [Author] CSDT  
# .: [Affected versions] http://www.webwizguide.com/ - Web Wiz Rich Text Editor (RTE) 4.02  
# .: [Credit] The disclosure of these issues has been credited to autehoker of CSDT   
# ÷_____________________________________________________________________________________________ˆ   
# .: [Script Description]   
# (Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in   
# Web Wiz Rich Text Editor (RTE) 4.02 and earlier, and 3.x versions, allow remote attackers  
# to inject arbitrary web scripting. This flaw exists because the application does not validate   
# the Link Type ( "Email" ) variables upon submission to the RTE_popup_link.asp script.   
# This could allow a user to create a specially craftedURL that would execute arbitrary code   
# in a user's browser within the trust relationship between the browser and the server,   
# leading to a loss of integrity.  
# ÷_____________________________________________________________________________________________ˆ  
# .: [Classification]   
# Attack Type: Input Manipulation  
# Impact: Loss of Integrity   
# Fix: N/A Public release vulnz: {27-07-2008 Sun}  
# Class Input Validation Error  
# ÷_____________________________________________________________________________________________ˆ  
# .: [Solution]   
# Upgrade to version 4.03 or higher, as it has been reported to fix this vulnerability.   
# An upgrade is required as there are no known workarounds.   
# Actual Version: Web Wiz Rich Text Editor (RTE) 4.02  
# ÷_____________________________________________________________________________________________ˆ  
# .: [References]  
# Original Advisory http://depo2.nm.ru/WebWiz_Rich_Text_Editor_v4.02_XSS.txt  
# Related Depo2 BugTracker: http://depo2.nm.ru/WebWiz_Rich_Text_Editor_v4.02_XSS.txt  
# ÷_____________________________________________________________________________________________ˆ  
# .: [Manual Testing Notes]  
# ÷   
# Web Wiz Rich Text Editor version 4.02 // RTE_popup_link.asp   
#   
# function initialise(){  
# var selectedRange = window.opener.document.getElementById('WebWizRTE').contentWindow.window.getSelection().toString();  
# //Use editor selected range to fill text boxes  
# if (selectedRange != undefined){  
# document.getElementById('URL').value = selectedRange  
# document.getElementById('email').value = selectedRange  
# }  
# ÷   
# Select Link Type: Email - {Email value not filtered}  
# ¤ span id="mailLink"   
# ¤ input name="email" onfocus="document.forms.frmLinkInsrt.Submit.disabled=false;  
# //Line 65 post back If Request.Form("URL") <> "" OR Request.Form("email") <> "" AND Request.Form("postBack") Then  
# ÷  
# ÷_____________________________________________________________________________________________ˆ  
# .: [Script Download] {Free lisans: http://www.webwizguide.com/download/download.asp?DL=rte}   
# .: [XSS] U-Code %3C/textarea%3E'%22%3E%3Cscript%3Ealert('document.cookie')%3C/script%3E  
# .: [XSS] N-Code </textarea>'"><script>alert(document.cookie)</script> {XSSing.Com - XSS CHEATS Auth. Depo2}  
# .: [ScreenShot] http://depo2.co.cc/WebWiz_Rich_Text_Editor_v4.02_XSS.jpg  
# .: [Demo] http://www.webwizguide.com/webwizrichtexteditor/demo/RTE_popup_link.asp  
# ÷_____________________________________________________________________________________________ˆ  
# .: [Greetings]  
# ÷   
# .:[shoutz] L0cKed, Elrohir, xo7, Th3.Azad, Depo2, The_keSsk!N, MadNet, hayalperest, K4R4B3L4  
# ÷ ankuN, row3r, LekHe, M3M4T!, Dr.ExPERT, MuR@T, Bigboss, EjDeRx7, Arslan Yabgu, türk_üz, by.s.s,  
# makmanaman, İsimsizCod3r, hackerali, **De-PreaM**, DarKWorM, Brian, |_GeCCe_|, BİXİi , EkBeR-I DeRYa  
# ÷   
# .: [SS] CSDT- Atabeyler TIM - Atabeyler.Org   
-########_______________________________________________________________________________________ ####   
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation