Lycos Tripod htmlGEAR guestGEAR 跨站脚本攻击(XSS)漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1194681 漏洞类型 跨站脚本
发布时间 2006-06-05 更新时间 2006-06-05
CVE编号 CVE-2006-2808 CNNVD-ID CNNVD-200606-108
漏洞平台 N/A CVSS评分 6.8
|漏洞来源
https://www.securityfocus.com/bid/83832
https://cxsecurity.com/issue/WLB-2006060042
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200606-108
|漏洞详情
LycosTripodhtmlGEARguestGEAR(GuestGear)存在跨站脚本攻击(XSS)漏洞,远程攻击者可通过留言簿提交的内容(其中含有在元素内的额外"iframe"标签名之后的BR元素的SRC属性中的javascriptURI,元素之后跟着一个双">",可能绕过净化操作)来注入任意Web脚本或HTML。
|漏洞EXP
htmls guest gear (all pages that look like this http://htmlgear.tripod.com/guest/control.guest?a=sign) has an exploit where you can inject html and javascript into there guestbook by doing the following

<br iframe src=javascript:alert("hi")>></br>

you can put any html or javascript in there. you can find vunrable page by doing the following google search

site:http://htmlgear.tripod.com/guest/control.guest?a=sign
|受影响的产品
Lycos htmlGEAR guestGEAR
|参考资料

来源:BUGTRAQ
名称:20060527htmlGuestGear
链接:http://www.securityfocus.com/archive/1/archive/1/435220/100/0/threaded
来源:SREASON
名称:1036
链接:http://securityreason.com/securityalert/1036