[FD] CVE-Request: stored XSS in Serendipity v2.1-rc1 allows an attacker to steal the admin's cookie and other information
- To: "fulldisclosure@xxxxxxxxxxxx" <fulldisclosure@xxxxxxxxxxxx>
- Subject: [FD] CVE-Request: stored XSS in Serendipity v2.1-rc1 allows an attacker to steal the admin's cookie and other information
- From: Wester 95 <evilzyzeng@xxxxxxxxxxx>
- Date: Sat, 8 Apr 2017 09:39:31 +0000
Hi team,
I would like to request one CVE id for this, thank you!
Details
======
Software: s9y Serendipity
Version: 2.1-rc1
Homepage: https://docs.s9y.org/
=======
Description
================
Stored XSS in Serendipity v2.1-rc1 allows an attacker to steal the admin's cookie and
other information.
===========
POC
==========
1. Log in as a common editor user.
2. Open a new entry, then write:
<img src=1 onerror=alert(document.cookie)>
and post it!
3. Then, when the admin views it, the XSS attack will occur!
=========
Fixed
========
https://github.com/s9y/Serendipity/issues/456
========
Best regards,
Zhiyang Zeng of Tencent security platform department
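As an added illustration of the mitigation (example code, not part of the advisory and not Serendipity's own fix), an allowlist-based HTML sanitizer that drops inline event handlers such as the `onerror` in the posted payload before an entry is stored; the tag and attribute allowlists and the accepted URL schemes are assumptions.

```python
from html.parser import HTMLParser
from html import escape

# Assumed allowlist: only these tags/attributes survive; everything else is dropped.
ALLOWED_TAGS = {"p", "b", "i", "em", "strong", "a", "img", "br", "ul", "ol", "li"}
ALLOWED_ATTRS = {"a": {"href", "title"}, "img": {"src", "alt", "title"}}
VOID_TAGS = {"img", "br"}
# Assumed safe URL prefixes for href/src; rejects javascript:, data: and bare junk like "1".
SAFE_URL_PREFIXES = ("http://", "https://", "/")


class AllowlistSanitizer(HTMLParser):
    """Rebuilds the entry body from parsed tokens, keeping only allowlisted markup."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []

    def handle_starttag(self, tag, attrs):
        if tag not in ALLOWED_TAGS:
            return  # unknown tag (script, iframe, ...) is dropped entirely
        kept = []
        for name, value in attrs:
            value = value or ""
            # Any on* attribute is an inline event handler: never allowed.
            if name.startswith("on") or name not in ALLOWED_ATTRS.get(tag, set()):
                continue
            if name in ("href", "src") and not value.lower().startswith(SAFE_URL_PREFIXES):
                continue  # URL attribute with an unaccepted scheme is dropped
            kept.append(f' {name}="{escape(value, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")

    def handle_startendtag(self, tag, attrs):
        self.handle_starttag(tag, attrs)  # <br/> style: emit only the opening form

    def handle_endtag(self, tag):
        if tag in ALLOWED_TAGS and tag not in VOID_TAGS:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        self.out.append(escape(data, quote=False))  # text is re-escaped, never raw


def sanitize_entry(html: str) -> str:
    """Return the entry body with only allowlisted tags/attributes retained."""
    parser = AllowlistSanitizer()
    parser.feed(html)
    parser.close()
    return "".join(parser.out)
```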
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/