| Summary: | www-apps/wordpress: cross-site scripting vulns | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Stefan Cornelius (RETIRED) <dercorny> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED INVALID | | |
| Severity: | minor | CC: | moixa, ogardiner.23444071, web-apps |
| Priority: | High | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| URL: | http://neosecurityteam.net/advisories/Advisory-17.txt | | |
| Whiteboard: | B4? [upstream] DerCorny | | |
| Package list: | | Runtime testing required: | --- |

superlag please bump as soon as a fix/new upstream version is available, thanks.

For [1] and [2] it's not usable for XSS (only affects you). For [3] it needs to be posted by the admin (or approved by him), so very low risk. We should probably invalidate it.

Based on koon's comments, I think we can pass this over to maintainers.

Invalid as a security issue.

<+ Multiple XSS +>

There're multiple XSS in `post comment':

[1] `name' variable is not filtered when it's assigned to `value' on the `<input>' in the form when the comment is posted.

[2] Happens the same as [1] with `website' variable.

[3] `comment', this variable only filtered " and ' chars, this makes possible to use < and >, thus this permits an attacker to inject any HTML (or script) code that he/she wants but without any " or ' character, this only happens if the user that posts the comment is the admin (any registered kind of `user').
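
The following is an added illustration, not part of the bug report or the advisory and not WordPress code. It contrasts the quote-only filtering described in [3] and the unencoded `value` attribute described in [1] and [2] with output encoding applied at render time. All function names and sample inputs are hypothetical and constructed for the example.

```php
<?php
// Added illustration; not WordPress code. Function names are hypothetical.

// Models the behaviour the advisory describes for `comment': only the
// quote characters are removed, so < and > reach the page unchanged.
function filter_quotes_only(string $s): string {
    return str_replace(['"', "'"], '', $s);
}

// Encodes for both HTML body and quoted-attribute contexts:
// & < > " ' all become entities.
function encode_html(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Re-displays a submitted field in the form, as in items [1] and [2].
function render_input(string $field, string $value, bool $encode): string {
    $v = $encode ? encode_html($value) : $value;
    return '<input type="text" name="' . $field . '" value="' . $v . '">';
}

// Constructed, benign sample inputs.
$name    = 'Al" title="x';           // a quote ends the value attribute early
$comment = '<b>bold</b> & "quoted"'; // markup that needs no quotes

echo render_input('author', $name, false), "\n"; // unencoded attribute value
echo render_input('author', $name, true), "\n";  // value stays one attribute
echo filter_quotes_only($comment), "\n";         // tags pass the quote filter
echo encode_html($comment), "\n";                // markup shown as literal text

// Self-check: encoded output contains no raw markup characters.
foreach ([$name, $comment] as $s) {
    if (preg_match('/[<>"\']/', encode_html($s))) {
        throw new RuntimeException('encoding left a markup character');
    }
}
```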