Pebble search function cross-site scripting vulnerability

Vulnerability ID: 1193247
Vulnerability type: Cross-site scripting
Published: 2006-10-10
Updated: 2006-10-23
CVE ID: CVE-2006-5168
CNNVD-ID: CNNVD-200610-149
Platform: N/A
CVSS score: 4.3
|Vulnerability source
https://cxsecurity.com/issue/WLB-2006100055
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200610-149
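|Vulnerability details
A cross-site scripting vulnerability exists in the search function of Simon Brown Pebble 2.0.0 RC1 and RC2. Remote attackers can inject arbitrary web script or HTML via the query string.
|Vulnerability EXP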
Software: Pebble
Version: 2.0.0 RC1 - 2.0.0 RC2
Author: Simon Brown
Homepage: http://pebble.sourceforge.net

Abstract
Pebble is a blogging system built upon Java and XML. There is no
database to store the data into but just XML is used instead.

Description

Vulnerability: XSS vulnerability in "search" functionality. Query
string wasn't parsed for HTML and while printing it out for "Search
with google" link, the XSS can be done.

Workaround
Disable "Search with google" link in the user result page or, better,
update to the latest version in subversion.

History

Author contacted: 20 September
Author replied: 20 September
Patch published in Subversion archive: 27 September

Disclaimer:

This advisory is intended to be informational. No responsibility is taken
for its misuse.
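
The defect class the advisory describes, shown as an added example that is not part of the original advisory and is not Pebble's own code: a search query echoed into a "Search with Google" link without encoding, beside a version that URL-encodes the query for the `href` and HTML-escapes everything written into markup. The class name, method names, link text and Google URL format are assumptions made for illustration.

```java
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;

public class SearchLinkExample {

    // Escape the characters that are significant in HTML text and quoted attributes.
    static String escapeHtml(String s) {
        StringBuilder out = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    // Vulnerable pattern (assumed shape): the raw query is concatenated into
    // both the href attribute and the link text, so markup in the query
    // becomes markup in the page.
    static String unsafeLink(String query) {
        return "<a href=\"http://www.google.com/search?q=" + query
             + "\">Search with Google: " + query + "</a>";
    }

    // Hardened pattern: percent-encode the query as a URL parameter, then
    // HTML-escape the whole attribute value and the visible text separately.
    // URLEncoder.encode(String, Charset) requires Java 10 or later.
    static String safeLink(String query) {
        String href = "http://www.google.com/search?q="
                    + URLEncoder.encode(query, StandardCharsets.UTF_8);
        return "<a href=\"" + escapeHtml(href)
             + "\">Search with Google: " + escapeHtml(query) + "</a>";
    }

    public static void main(String[] args) {
        // Constructed, harmless input containing attribute and tag delimiters.
        String query = "\"><b>constructed</b>";
        System.out.println("unsafe: " + unsafeLink(query));
        System.out.println("safe:   " + safeLink(query));
    }
}
```

In the safe output the quote and angle brackets appear only as `%22`, `%3E`, `%3C` inside the `href` and as `&quot;`, `&gt;`, `&lt;` in the link text, so the query can no longer close the attribute or open a tag.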
|References

Source: CONFIRM
Link: http://svn.sourceforge.net/viewvc/pebble/trunk/src/net/sourceforge/pebble/search/SearchResults.java?r1=136&r2=206
Source: XF
Name: pebble-search-xss(29312)
Link: http://xforce.iss.net/xforce/xfdb/29312
Source: BID
Name: 20298
Link: http://www.securityfocus.com/bid/20298
Source: BUGTRAQ
Name: 20061002 Pebble 2.0.0 RC[1,2] XSS vulnerability
Link: http://www.securityfocus.com/archive/1/archive/1/447503/100/0/threaded
Source: SREASON
Name: 1689
Link: http://securityreason.com/securityalert/1689