[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

pmwiki: persistent cross site scripting (XSS), CVE-2010-1481

pmwiki: persistent cross site scripting (XSS), CVE-2010-1481




The table feature of pmwiki is vulnerable to persistent cross site scripting 
(XSS). The value of the width-parameter is not proberly escaped on output, so 
one can put quotes in it. This makes it possible to use a JavaScript event 
handler inside the first table field to inject code.


|| " onMouseOver=alert(1) " ||test||

The vendor has been contacted, but has not replied to my report.

Disclosure Timeline

2010-04-19: Vendor contacted
2010-05-07: Published advisory


This vulnerability was discovered by Hanno Boeck, http://www.hboeck.de, of 
schokokeks.org webhosting.

Hanno BÃck		Blog:		http://www.hboeck.de/
GPG: 3DBD3B20		Jabber/Mail:	hanno@xxxxxxxxx

http://schokokeks.org - professional webhosting

Attachment: signature.asc
Description: This is a digitally signed message part.