ProblemaT
19.01.2006, 16:15
If it's not too much trouble, could you explain where to inject it... this XSS, into the calendar... but where exactly?
Vulnerability:
--------------------
Html_Injection:
The software does not properly filter HTML tags in the title of events before passing them to the user in 'calendar.php' & 'reminder.php' (as include). That may allow a remote user to inject HTML/JavaScript code into calendar events. The hostile code may be rendered in the web browser of the victim user who requests a reminder for those events (persistent).
For example, an attacker creates a new event (Single/All-Day Event, Ranged Event or Recurring Event) with this content:
TITLE:--------->Test<script>alert(document.cookie)</script>
BODY:---------->No matter
OTHER OPTIONS:->No matter
The hostile code will be rendered in the web browser of the victim user who requests a reminder for this event via http://example.com/vbulletin/calendar.php?do=addreminder&e=[eventid]
The hostile code will originate from the site running the vBulletin software and will run in the security context of that site. As a result, the code will be able to access the target user's cookies (including authentication cookies), or take actions on the site acting as the target user.
http://www.securitylab.ru/vulnerability/source/243694.php
I keep reading and reading but can't make sense of it (my English is rather weak)...
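As an added defender-side example (not vBulletin's code and not part of the advisory), here is the reminder-page rendering of an event title in the unescaped form the advisory describes, beside the output-encoded form that fixes it, plus a small audit that flags stored titles already containing markup. The function names, row layout and sample event titles are my assumptions.

```php
<?php
// Added example: not vBulletin's code. Function names and event data are constructed.

// The bug as the advisory describes it: the stored title is dropped into the
// reminder page unchanged, so a title containing <script> is executed by the browser.
function render_reminder_row_unsafe(int $eventId, string $title): string
{
    return "<tr><td>$eventId</td><td>$title</td></tr>";
}

// The fix: encode the title for the HTML text context at output time.
// ENT_QUOTES also encodes ' and " so the same value is safe inside attributes.
function render_reminder_row(int $eventId, string $title): string
{
    $safeTitle = htmlspecialchars($title, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return "<tr><td>$eventId</td><td>$safeTitle</td></tr>";
}

// Audit helper for an existing install: returns the ids of events whose stored
// title contains something that looks like a tag start, which is what an
// already-injected event would look like in the database.
function find_titles_with_markup(array $events): array
{
    $suspect = [];
    foreach ($events as $eventId => $title) {
        // "<" followed by a letter, "/", "!" or "?" opens a tag; "3 < 4" is left alone.
        if (preg_match('/<[a-z\/!?]/i', $title) === 1) {
            $suspect[] = $eventId;
        }
    }
    return $suspect;
}

// Constructed sample data: one benign title, one injected title, one with a bare "<".
$events = [
    101 => 'Team meeting',
    102 => 'Test<script>alert(document.cookie)</script>',
    103 => 'Deadline: report 3 < 4',
];

foreach ($events as $id => $title) {
    echo render_reminder_row($id, $title), PHP_EOL;
}
// Event 102 now renders as the literal text "Test&lt;script&gt;..." and never executes.

print_r(find_titles_with_markup($events)); // only event 102 is reported
```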