WebCT的校园版HTML注入漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1107833 漏洞类型 跨站脚本
发布时间 2004-03-29 更新时间 2006-04-21
CVE编号 CVE-2004-1872 CNNVD-ID CNNVD-200403-136
漏洞平台 Multiple CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/23893
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200403-136
|漏洞详情
WebCTCampusEdition4.1.1.5版本存在跨站脚本攻击(XSS)漏洞。远程攻击者借助CSS样式标签中的@importURL函数注入任意web脚本或HTML。
|漏洞EXP
source: http://www.securityfocus.com/bid/9999/info

It has been reported that WebCT Campus Edition may be prone to an HTML injection vulnerability that may allow a remote attacker to execute arbitrary HTML or script code in the browser of an unsuspecting user. A malicious user could supply malicious HTML or script code to the application via the @import url() function of Microsoft Internet Explorer when posting a message on a forum, which would then be rendered in the browser of an unsuspecting user whenever the malicious message is viewed.

WebCT Campus Edition version 4.1 is reported to be affected by this issue. 

<style type="text/css">
@import url(javascript:alert(document.cookie));
</style>
|参考资料

来源:XF
名称:webct-import-xss(15652)
链接:http://xforce.iss.net/xforce/xfdb/15652
来源:BID
名称:9999
链接:http://www.securityfocus.com/bid/9999
来源:BUGTRAQ
名称:20040329WebCTCampusEdition4.1-CrosssitescriptingusingCSS@import
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=108057915916365&w=2
来源:SECUNIA
名称:11242
链接:http://secunia.com/advisories/11242