CVE-2014-4958: Stored Attribute-Based Cross-Site Scripting (XSS) Vulnerability in Telerik UI for ASP.NET AJAX RadEditor Control
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: CVE-2014-4958: Stored Attribute-Based Cross-Site Scripting (XSS) Vulnerability in Telerik UI for ASP.NET AJAX RadEditor Control
- From: main@xxxxxxxxxxxxxx
- Date: Thu, 25 Sep 2014 04:08:57 GMT
All versions of the popular UI for ASP.NET AJAX RadEditor Control product by
Telerik may be affected by a high-risk stored, attribute-based cross-site
scripting (XSS) vulnerability, assigned CVE-2014-4958. "Stored" means the payload
is persisted by the application and served to other users; "attribute-based"
means it lives in an HTML attribute value rather than in a tag name, so filters
that only strip dangerous tags do not catch it. This WYSIWYG rich text editor is
"...what Microsoft chose to use in MSDN, CodePlex, TechNet, MCMS and even as an
alternative to the default editor in SharePoint."
Personally tested and confirmed are versions 2014.1.403.35 (much newer) and
2009.3.1208.20 (much older), using Internet Explorer 8, version 8.0.7601.17514.
However, all versions from Telerik at this time may be vulnerable and will
continue to be until a patch is released. A workaround may be available.
More information on the vulnerability:
http://maverickblogging.com/disclosing-cve-2014-4958-stored-attribute-based-cross-site-scripting-xss-vulnerability-in-telerik-ui-for-asp-net-ajax-radeditor-control/
Remediation: Telerik states: "We have applied a patch to the editor that will be
delivered with our Q3 edition of the controls that should be released towards
the end of October." A blog post on the issue has been published here:
http://blogs.telerik.com/blogs/14-09-24/securing-radeditor-content-and-preventing-xss-attacks
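The advisory names the vulnerability class (stored, attribute-based XSS) but not
the specific RadEditor vector, and Telerik's linked post covers the vendor-side
fix. As an added illustration, not code from this post or from Telerik, here is
a minimal Python allowlist sanitizer of the kind an application would run on
untrusted rich-text editor output before storing or rendering it, next to a
deliberately weak tag-only filter that shows why attribute-based payloads pass
filters that look only at tag names. The tag/attribute allowlist, the sample
payloads, and all helper names are constructed for this example; the payloads
are generic attribute-based vectors, not the one disclosed for CVE-2014-4958.

```python
import re
from html import escape
from html.parser import HTMLParser

# Constructed allowlist for this example: the tags a rich-text editor needs and,
# per tag, the only attributes that may survive. Everything else (on* event
# handlers, style, formaction, ...) is dropped by omission, not by a blocklist.
ALLOWED_TAGS = {"p", "br", "b", "i", "u", "em", "strong", "ul", "ol", "li", "a", "img"}
ALLOWED_ATTRS = {
    "a": {"href", "title"},
    "img": {"src", "alt", "width", "height"},
}
URL_ATTRS = {"href", "src"}
SAFE_SCHEMES = ("http://", "https://", "mailto:")
VOID_TAGS = {"br", "img"}


def _safe_url(value):
    """Accept http(s)/mailto URLs and scheme-less relative URLs; reject other schemes.

    Control characters and whitespace are removed first because browsers ignore
    them inside a scheme, so "jav<TAB>ascript:" still runs as javascript:.
    """
    cleaned = re.sub(r"[\x00-\x20]", "", value).lower()
    if cleaned.startswith(SAFE_SCHEMES):
        return True
    # Any remaining ':' means some other scheme (javascript:, data:, vbscript:).
    # This also rejects relative URLs containing ':'; a conservative trade-off.
    return ":" not in cleaned


class AttributeAllowlistSanitizer(HTMLParser):
    """Rebuilds HTML from parse events, keeping only allowlisted tags and attributes."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []
        self.dropped = []  # what was removed; useful for logging attempted payloads

    def handle_starttag(self, tag, attrs):
        if tag not in ALLOWED_TAGS:
            self.dropped.append(("tag", tag))
            return
        kept = []
        for name, value in attrs:
            value = value or ""  # HTMLParser has already decoded entities here
            if name not in ALLOWED_ATTRS.get(tag, set()):
                self.dropped.append(("attr", f"{tag}@{name}"))
                continue
            if name in URL_ATTRS and not _safe_url(value):
                self.dropped.append(("url", f"{tag}@{name}={value}"))
                continue
            kept.append(f' {name}="{escape(value, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")

    def handle_endtag(self, tag):
        if tag in ALLOWED_TAGS and tag not in VOID_TAGS:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        # Text nodes are re-escaped so a stray '<' or '&' cannot reopen markup.
        self.out.append(escape(data, quote=False))


def sanitize(html):
    """Return (clean_html, dropped_items) for untrusted editor output."""
    parser = AttributeAllowlistSanitizer()
    parser.feed(html)
    parser.close()
    return "".join(parser.out), parser.dropped


def strip_dangerous_tags_only(html):
    """Deliberately weak filter: removes a few tag names and nothing else,
    to show that attribute-based payloads pass straight through it."""
    return re.sub(r"</?(script|iframe|object|embed)\b[^>]*>", "", html, flags=re.I)


# Constructed sample inputs: benign markup plus attribute-based payloads of the
# kind a tag-name filter misses. Generic illustrations, not the RadEditor vector.
SAMPLES = [
    '<p>Hello <b>world</b></p>',
    '<a href="https://example.com/?a=1&amp;b=2" title="t">ok</a>',
    '<a href="javascript:alert(1)">click</a>',
    '<img src="x" onerror="alert(1)">',
    '<a href="jav&#x09;ascript:alert(1)">obfuscated</a>',
    '<p onmouseover="alert(1)">hover me</p>',
]

if __name__ == "__main__":
    for sample in SAMPLES:
        clean, dropped = sanitize(sample)
        print(f"in:        {sample}")
        print(f"tag-only:  {strip_dangerous_tags_only(sample)}")
        print(f"allowlist: {clean}   dropped={dropped}\n")
```

The `dropped` list is worth keeping in a real deployment: an editor user whose
saved content repeatedly loses `onerror` or `javascript:` attributes is a useful
detection signal, and the allowlist approach means new event-handler attributes
need no filter update to be blocked.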
Additional credit goes to Tyler Hoyle and the rest of my team in CGI Federal's
Emerging Technologies Security Practice for their hard work.