| Summary: | Joomla characters' injection. | | |
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Emanuele Gentili <bathym> |
| Component: | Current packages | Assignee: | Gentoo Web Application Packages Maintainers <web-apps> |
| Status: | RESOLVED UPSTREAM | | |
| Severity: | minor | | |
| Priority: | High | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | All | | |
| URL: | http://www.0x656d67.org/2006/10/02/joomla-little-problem-open-var-concur-characterss-injection/ | | |
| Whiteboard: | | | |
| Package list: | | Runtime testing required: | --- |
Description
Emanuele Gentili
2006-10-03 03:41:33 UTC
In the Joomla survey modules, there is a little problem that originates character injections.

http://www.site.dom/index.php?option=com_poll&task=results&id=18&mosmsg=messages

You can edit "messages" and insert what you prefer; the module captures it and shows the message in the page. Try it:

http://www.slacky.it/index.php?option=com_poll&task=results&id=18&mosmsg=TEST (my friend's website)

http://demo.joomla.org/ is vulnerable too.

---

Doesn't look like there's any XSS there, so this doesn't look like a security issue, reassigning to maintainer...

---

(In reply to comment #1)
> doesnt look like there's any xss there, so this doesnt look like a security
> issue, reassigning to maintainer...

Sure, it isn't XSS, but bad coding that originates character injection. CMSs usually use a Global Active Var. Joomla used mosmsg only for survey modules, and I think this alpha-patch: `$mosmsg='Thanks for your vote!';`

---

Please report upstream.

---

(In reply to comment #4)
> please report upstream

Joomla Dev. contacted. :)

---

slacky.it doesn't appear to be a Joomla! site but a Mambo site; can you please verify what version of Joomla! they are running and also check that they are running the latest version of Joomla!

In addition, I do not seem to be able to validate this. I used the following URL:
http://demo.joomla.org/index.php?option=com_poll&task=results&id=14&mosmsg=XSS

Kind Regards,
Sam Moffatt,
Joomla! Core Developer

---

(In reply to comment #6)
> slacky.it doesn't appear to be a Joomla! site but a Mambo site, can you please
> verify what version of Joomla! that they are running and also check that they
> are running the latest version of Joomla!
>
> In addition, I do not seem to be able to validate this. I used the following
> URL:
> http://demo.joomla.org/index.php?option=com_poll&task=results&id=14&mosmsg=XSS
>
> Kind Regards,
> Sam Moffatt,
> Joomla! Core Developer

It's ok. Now it isn't bugged, but at first it was. I tried it some time ago on demo.joomla.org and I remember that the bug worked.

See http://www.zone-h.org/component/option,com_poll/task,results/id,19/?mosmsg=VULN
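An added illustration, not Joomla's own code and not posted by any participant in this bug, of the pattern the report describes: a free-text `mosmsg` URL parameter rendered straight into the page, beside a hardened form that treats the parameter only as a key into fixed server-side messages, in the spirit of the reporter's alpha-patch. The function names and the message table are assumptions; only the parameter name comes from the report's URLs.

```php
<?php
// Added example (not Joomla's code). Function names and POLL_MESSAGES are
// hypothetical; only the "mosmsg" parameter name comes from the bug report.

// Vulnerable form: whatever the URL carries is reflected into the HTML.
// Even without an XSS payload, arbitrary text is injected into a trusted page,
// which is the "character injection" the reporter describes.
function renderMessageVulnerable(array $query): string
{
    $mosmsg = $query['mosmsg'] ?? '';
    return '<div class="message">' . $mosmsg . '</div>';
}

// Hardened form: the URL may carry only a message *key*; the displayed text is
// a server-side constant (the reporter's alpha-patch simply hardcodes it).
// Unknown or non-string keys render nothing, and the constant is still
// HTML-escaped as defence in depth.
const POLL_MESSAGES = [
    'voted'   => 'Thanks for your vote!',
    'already' => 'You have already voted in this poll.',
];

function renderMessageSafe(array $query): string
{
    $key = $query['mosmsg'] ?? '';
    // A request like ?mosmsg[]=x yields an array, not a string; reject it too.
    if (!is_string($key) || !array_key_exists($key, POLL_MESSAGES)) {
        return '';
    }
    $text = htmlspecialchars(POLL_MESSAGES[$key], ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<div class="message">' . $text . '</div>';
}

// Constructed request mirroring the report's ...&mosmsg=TEST URL.
$request = ['option' => 'com_poll', 'task' => 'results', 'id' => '18', 'mosmsg' => 'TEST'];

echo renderMessageVulnerable($request), "\n"; // attacker-chosen "TEST" lands in the page
echo renderMessageSafe($request), "\n";       // empty: "TEST" is not a known message key
echo renderMessageSafe(['mosmsg' => 'voted']), "\n"; // fixed, escaped server-side text
```

For detection, any request whose `mosmsg` value is not one of the known keys is worth logging, since legitimate links generated by the module never carry free text there.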