swiki-xss.txt

swiki-xss.txt: Posted Apr 9, 2008; Authored by Brad Antoniewicz; Swiki version 1.5 suffers from cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 9ab010fffeaf6a43e91740ca213df427dbb5e10d74dc70052a56e02070d5a49c; Download | Favorite | View

swiki-xss.txt

Title: Swiki 1.5 Multiple Cross-Site Scripting Vulnerabilities 
Vendor URL: http://wiki.squeak.org/swiki Vendor Contacted: Yes

Description:
Multiple stored and reflective cross-site scripting vulnerabilities were identified in Swiki 1.5. 

Reflective (example):
http://[host]:8000/<script>alert("XSS");</script>

Stored (example):
On posts to 1.append when adding new entries into the wiki, the application does not properly escape javascript code resulting in a stored cross-site scripting attack. 

Credit: 
Brad Antoniewicz
brad.antoniewicz@foundstone.com

Top Authors In Last 30 Days

Red Hat 244 files
Ubuntu 65 files
LiquidWorm 24 files
Debian 18 files
indoushka 15 files
Apple 9 files
Google Security Research 7 files
Gentoo 5 files
Chokri Hammedi 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,155)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,819)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,239)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,968)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

swiki-xss.txt

swiki-xss.txt

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

swiki-xss.txt

Share This

swiki-xss.txt

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems