Blogsa 'Widgets.aspx' 跨站脚本攻击漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1117431 漏洞类型 跨站脚本
发布时间 2009-03-02 更新时间 2009-03-05
CVE编号 CVE-2009-0814 CNNVD-ID CNNVD-200903-095
漏洞平台 ASP CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/32833
https://cxsecurity.com/issue/WLB-2009030007
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200903-095
|漏洞详情
Blogsa是一个免费的,完全开放源码博客引擎项目,它是由使用ASP.NET和C#编写的,支持多语言,多数据库系统,很容易部署。Blogsa1.0Beta3版本及其早期版本的Widgets.aspx中存在跨站脚本攻击漏洞。远程攻击者可以借助searchText参数,注入任意web脚本或HTML。
|漏洞EXP
source: http://www.securityfocus.com/bid/33957/info

Blogsa is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Blogsa 1.0 Beta 3 is vulnerable; other versions may also be affected.

http://www.example.com/Widgets.aspx?w=Search&p=do&searchText=<script>alert(document.cookie)</script>
|参考资料

来源:XF
名称:blogsa-widgets-xss(49024)
链接:http://xforce.iss.net/xforce/xfdb/49024
来源:BID
名称:33957
链接:http://www.securityfocus.com/bid/33957
来源:BUGTRAQ
名称:20090302Blogsa<=1.0Beta3XSSVulnerability
链接:http://www.securityfocus.com/archive/1/archive/1/501382/100/0/threaded