Wiki Web Help 0.3.9 Cross Site Scripting

2012.08.28
Credit: Shai rod
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

# Exploit Title: Multiple Stored XSS Vulnerabilities in Wiki Web Help. # Date: 23/08/2012 # Exploit Author: Shai rod (@NightRang3r) # Vendor Homepage: http://wikiwebhelp.org # Software Link: http://sourceforge.net/projects/wwh/files/wwh-0.3.9.7z/download # Version: 0.3.9 #Gr33Tz: @aviadgolan , @benhayak, @nirgoldshlager, @roni_bachar About the Application: ====================== AJAX based wiki designed to operate like a desktop help viewer(chm). Vulnerability Description ========================= 1. Stored XSS in Edit Tags. Steps to reproduce the issue: 1.1. Click "Edit Tags" 1.2. In the "Tags" field insert the Javascript payload: <img src='1.jpg'onerror=javascript:alert("XSS")> 1.3. Click the "Update" button. 2. Stored XSS in Node Name. Steps to reproduce the issue: 2.1. Right click on an object in the Contents tree on the left side of the page. 2.2. In the "Node Option" window select "Add". 2.3. In the "New Page Name" field insert the Javascript payload: <img src='1.jpg'onerror=javascript:alert("XSS")> * Both XSS will be triggered on all users visiting the Wiki. 3. Stored XSS in Page Body (href). Steps to reproduce the issue: 3.1. Choose a Page. 3.2. Click "Edit". 3.2. In the Page editor insert: [javascript:alert(/XSS/),Click Me] 3.3. Click the "Save" button. XSS Will be triggerd once the user clicks on the link.

References:

http://sourceforge.net/projects/wwh/files/wwh-0.3.9.7z/download


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top