
Topic : DokuWiki suffers XSS

SecurityAlert : 2908
CVE : CVE-2007-3930
SecurityRisk : Low
Remote Exploit : Yes
Local Exploit : No
Exploit Given : No
Credit : Cyrill Brunschwiler
Published : 24.07.2007

Affected Software :
DokuWiki Version 2007-06-26 and prior

Advisory Text :

#############################################################
#
# COMPASS SECURITY ADVISORY http://www.csnc.ch/
#
#############################################################
#
# Product: DokuWiki
# Vendor: DokuWiki Project
# Subject: Cross-site scripting - XSS
# Risk: High
# Effect: Remotely exploitable
# Author: Cyrill Brunschwiler (cyrill.brunschwiler (at) csnc (dot) ch)
# Date: July 19th 2007
#
#############################################################

Introduction:
-------------
Compass Security discovered a web application security flaw
in the DokuWiki application.

Vulnerable:
-----------
DokuWiki Version 2007-06-26 and prior

Not vulnerable:
---------------
DokuWiki Version 2007-06-26b

Patches:
--------
DokuWiki Version 2007-06-26b available from the DokuWiki
download page.

Fix:
----
Remove the function spell_utf8test() from the PHP script
named lib/exe/spellcheck.php

Description:
------------
The spell checker PHP script provides a test function which
reflects unfiltered user input. Due to the MIME-sniffing
feature of Microsoft's Internet Explorer, injected JavaScript
code gets executed even though the Content-Type header is set
to text/plain.

Exploiting the vulnerability will lead to so-called cross-site
scripting (XSS) and allows the impersonation of logged-in
DokuWiki users.

Milestones:
-----------
July 18th, Vulnerability discovered
July 18th, Vendor notified
July 19th, Vendor provided patched version

References:
-----------
Vendor Bug Report reference:
http://bugs.splitbrain.org/index.php?do=details&task_id=1195

DokuWiki reference:
http://wiki.splitbrain.org/wiki:dokuwiki

DokuWiki is a standards compliant, simple to use Wiki, mainly
aimed at creating documentation of any kind. It is targeted at
developer teams, workgroups and small companies. It has a
simple but powerful syntax which makes sure the datafiles
remain readable outside the Wiki and eases the creation of
structured texts. All data is stored in plain text files - no
database is required.

XSS reference:
http://en.wikipedia.org/wiki/Cross-site_scripting

Cross-site scripting (XSS) is a type of computer security
vulnerability typically found in web applications which allow
code injection by malicious web users into the web pages
viewed by other users. Examples of such code include HTML code
and client-side scripts. An exploited cross-site scripting
vulnerability can be used by attackers to bypass access
controls such as the same origin policy. Recently,
vulnerabilities of this kind have been exploited to craft
powerful phishing attacks and browser exploits. Cross-site
scripting was originally referred to as CSS, although this
usage has been largely discontinued.



