Cross site scripting (XSS) in Moodle 1.8.3

看板Bugtraq作者時間18年前 (2008/01/13 00:26), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串1/1
--nextPart2828227.6IDX0kAmq7 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Source URL of this announcement: http://int21.de/cve/CVE-2008-0123-moodle.html References http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2008-0123 Description Moodle is a course management system for educators. The installer code is vulnerable to Cross Site Scripting, letting you inje= ct=20 JavaScript and steal cookies. The XSS can only be triggered if there's a no= t=20 installed moodle, so this can be considered low impact. Still it's possible= =20 to attack if an attacker knows from another person installing moodle.=20 Sample code Sample XSS code: <form method=3D"post" action=3D"" rel="nofollow">http://localhost/moodle/install.php"> <input type=3D"hidden" name=3D"stage" value=3D"3"> <input type=3D"text" name=3D"dbname" value=3D'"><script>alert(1)</script>'> <input type=3Dsubmit> </form> Workaround/Fix Update to 1.8.4. Disclosure Timeline 2007-01-08 Vendor contacted 2007-01-08 Vendor fixed cvs 2007-01-11 Vendor released 1.8.4 CVE Information The Common Vulnerabilities and Exposures (CVE) project has assigned the nam= e=20 CVE-2008-0123 to this issue. This is a candidate for inclusion in the CVE=20 list (http://cve.mitre.org/), which standardizes names for security problem= s. Credits and copyright This vulnerability was discovered by Hanno Boeck of schokokeks.org webhosti= ng.=20 It's licensed under the creative commons attribution license. Hanno Boeck, 2008-01-12, http://www.hboeck.de =2D-=20 Hanno B=C3=B6ck Blog: http://www.hboeck.de/ GPG: 3DBD3B20 Jabber/Mail: hanno@hboeck.de --nextPart2828227.6IDX0kAmq7 Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.7 (GNU/Linux) iD8DBQBHiAEfr2QksT29OyARAl5xAJ4gvp6LIdDTtSWdWS0NqiTmNJHLKwCdGzc3 /rePBUTUKR8MH7n7FZUsYxA= =s0VI -----END PGP SIGNATURE----- --nextPart2828227.6IDX0kAmq7--
更多 ml. 的文章
文章代碼(AID): #17YEf500 (Bugtraq)