WordPress Category Grid View Gallery插件‘ID’参数跨站脚本漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1121738 漏洞类型 跨站脚本
发布时间 2013-07-02 更新时间 2013-07-12
CVE编号 CVE-2013-4117 CNNVD-ID CNNVD-201307-095
漏洞平台 PHP CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/38625
https://www.securityfocus.com/bid/60905
https://cxsecurity.com/issue/WLB-2013070022
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201307-095
|漏洞详情
WordPress是WordPress软件基金会的一套使用PHP语言开发的博客平台,该平台支持在PHP和MySQL的服务器上架设个人博客网站。CategoryGridViewGallery是其中的一个可设计图片浏览效果的插件。WordPress的CategoryGridViewGallery插件2.3.1版本中的includes/CatGridPost.php中存在跨站脚本漏洞。远程攻击者可借助ID参数利用该漏洞注入任意Web脚本或HTML。
|漏洞EXP
source: http://www.securityfocus.com/bid/60905/info

The Category Grid View Gallery plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. 

http://www.example.com/wp-content/plugins/category-grid-view-gallery/includes/CatGridPost.php?ID=1172[xss]
|参考资料

来源:BUGTRAQ
名称:20130702WordPresscategory-grid-view-gallerpluginCross-SiteScriptingVulnerabilities
链接:http://seclists.org/bugtraq/2013/Jul/17
来源:MLIST
名称:[oss-security]20130711Re:CVErequest:WordPressplugincategory-grid-view-galleryXSS
链接:http://openwall.com/lists/oss-security/2013/07/11/11
来源:BID
名称:60905
链接:http://www.securityfocus.com/bid/60905