iPlanet Messaging Server Messenger Express Expression() Cross-Site Scripting Vulnerability

Vulnerability ID: 1111430
Vulnerability type: Cross-site scripting
Published: 2006-10-31
Updated: 2006-11-06
CVE ID: CVE-2006-5652
CNNVD ID: CNNVD-200611-031
Platform: PHP
CVSS score: 4.3
|Vulnerability sources
https://www.exploit-db.com/exploits/28890
https://cxsecurity.com/issue/WLB-2006110009
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200611-031
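|Vulnerability details
Sun iPlanet Messaging Server Messenger Express contains a cross-site scripting (XSS) vulnerability. A remote attacker can inject arbitrary web script through the expression Cascading Style Sheets (CSS) function, for example by setting the width style of an IMG element.
|Exploit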
source: http://www.securityfocus.com/bid/20838/info

iPlanet Messaging Server Messenger Express is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data.

An attacker can exploit this issue to execute arbitrary JavaScript in the victim's browser.

<IMG style="width: expression(alert('expression'));">
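
A defensive filter for the pattern above, as an added example (not code from the advisory or from Sun): it drops any style attribute whose value, after removing CSS comments, decoding CSS escapes and folding full-width characters, contains `expression(`. The function and class names are constructed for illustration, and the filter covers style attributes only; a production webmail sanitizer should allowlist tags and CSS properties rather than rely on this single check.

```python
import re
import unicodedata
from html import escape
from html.parser import HTMLParser

_CSS_COMMENT = re.compile(r"/\*.*?\*/", re.S)
_CSS_ESCAPE = re.compile(r"\\([0-9a-fA-F]{1,6})\s?|\\(.)", re.S)

def _unescape(m):
    # \65 or \000065 -> "e"; \x -> "x"
    if m.group(1):
        cp = int(m.group(1), 16)
        return chr(cp) if 0 < cp <= 0x10FFFF else ""
    return m.group(2)

def normalize_css(value):
    """Reduce a style value to what a lenient CSS parser would act on."""
    value = _CSS_COMMENT.sub("", value)               # expr/**/ession
    value = _CSS_ESCAPE.sub(_unescape, value)         # \65xpression
    value = unicodedata.normalize("NFKC", value)      # full-width letters
    return re.sub(r"[\s\x00]+", "", value).lower()    # whitespace, NUL, case

def style_is_dangerous(value):
    return "expression(" in normalize_css(value)

class StyleFilter(HTMLParser):
    """Re-emit HTML, dropping style attributes that carry expression()."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []
    def _emit(self, tag, attrs, close=""):
        kept = [(k, v) for k, v in attrs
                if not (k == "style" and v and style_is_dangerous(v))]
        text = "".join(f" {k}" if v is None else f' {k}="{escape(v)}"'
                       for k, v in kept)
        self.out.append(f"<{tag}{text}{close}>")
    def handle_starttag(self, tag, attrs):
        self._emit(tag, attrs)
    def handle_startendtag(self, tag, attrs):
        self._emit(tag, attrs, " /")
    def handle_endtag(self, tag):
        self.out.append(f"</{tag}>")
    def handle_data(self, data):
        self.out.append(escape(data, quote=False))

def strip_expression_styles(html):
    parser = StyleFilter()
    parser.feed(html)
    parser.close()
    return "".join(parser.out)
```
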
|References

Source: BID
Name: 20838
Link: http://www.securityfocus.com/bid/20838
Source: BUGTRAQ
Name: 20061031 Cross Site Scripting (XSS) Vulnerability in iPlanet Messaging Server Messenger Express by "Sun"
Link: http://www.securityfocus.com/archive/1/archive/1/450184/100/0/threaded
Source: XF
Name: sun-messaging-expression-xss(29929)
Link: http://xforce.iss.net/xforce/xfdb/29929
Source: SREASON
Name: 1806
Link: http://securityreason.com/securityalert/1806
Source: FULLDISC
Name: 20061031 Cross Site Scripting (XSS) Vulnerability in iPlanet Messaging Server Messenger Express by "Sun"
Link: http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050460.html