    #7162

    Hi,

    I am using the security scan from websiteprotection.com and they issued a warning “Your Web server is vulnerable to cross-site scripting attacks.”

    Is there a patch for that?

    “Description:

    Your website contains pages that do not properly sanitize visitor-provided input to make sure it contains no malicious content or scripts. Cross-site scripting vulnerabilities let malicious users execute arbitrary HTML or script code in another visitor’s browser.

    See Also:

    http://en.wikipedia.org/wiki/Cross_site_scripting#Non-persistent
    http://jeremiahgrossman.blogspot.com/2009/06/results-unicode-leftright-pointing.html
    http://projects.webappsec.org/Cross-Site+Scriptin
    http://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet#Escaping_.28aka_Output_Encoding.29

    Risk Factor:

    Medium / CVSS Base Score : 4.3(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)

    Solution:

    Restrict access to the vulnerable application. Contact the vendor for a patch or upgrade.

    Output:

    Using the POST HTTP method, Site Scanner found that :

    + The following resources may be vulnerable to cross-site scripting (comprehensive test) :

    + The ‘website’ parameter of the /wp-content/themes/newscast/submit_news.php CGI :

    /wp-content/themes/newscast/submit_news.php [website=<<<<<<<<<<foobar204>>>>>&imageURL=&myblogname=The Technocon News Submission&height=580&width=420&iframe=true&Subject=&message=&email=&yourname=&Send=Send&myemail=s(addressdeleted)@live.com]


    output

    </p>
    <p class="error" ><label for="email">E-Mail*</label><input name="e […]
    <p><label for="website">Full Story Link*</label><input name="website" class="text_input is_empty" type="text" id="website" size="20" value="<<<<<<<<<<foobar204>>>>>"/></p>
    <p><label for="imageURL">Preview Image URL</label><input name="ima […]


    Other references : CWE:79, CWE:80, CWE:81, CWE:83, CWE:20, CWE:74, CWE:442, CWE:712, CWE:722, CWE:725, CWE:811, CWE:751, CWE:801, CWE:116, CWE:692, CWE:87, CWE:85, CWE:86, CWE:84

    #56931

    Hey,

    I don’t think this applies to our template because the user input is converted/treated as text variables only and the server won’t execute it. It just sends the text content to your mail client with the php mail() function. Basically the user can enter anything he likes, but unless the code is executed nothing will happen. You just get a weird mail…
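The scanner output quoted in the first post shows the value submitted in the ‘website’ parameter written straight back into that input’s value attribute when the form is re-rendered, and that reflection is what the report flags, independently of what mail() later does with the same text. As an added illustration (this is not the newscast theme’s code; the function names are mine, and only the field name and the scanner’s probe string are taken from the thread), here is that field rendered once unescaped and once through htmlspecialchars(), together with the same verbatim-reflection check a scanner performs:

```php
<?php
// Added example, not code from the newscast theme. The field name 'website'
// and the probe string '<<<<<<<<<<foobar204>>>>>' come from the scan output
// quoted in the thread; everything else is constructed for this example.

// Unsafe: the submitted value is concatenated verbatim into the attribute,
// so whatever the visitor typed comes back unchanged in the page.
function render_website_field_unescaped(string $value): string
{
    return '<p><label for="website">Full Story Link*</label>'
         . '<input name="website" type="text" id="website" size="20" value="'
         . $value . '"/></p>';
}

// Safe: encode for an HTML attribute context before re-displaying the value.
// ENT_QUOTES also encodes the double quote that would otherwise terminate the
// attribute; ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning ''.
// In a WordPress theme, esc_attr() performs the equivalent encoding.
function render_website_field_escaped(string $value): string
{
    $safe = htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<p><label for="website">Full Story Link*</label>'
         . '<input name="website" type="text" id="website" size="20" value="'
         . $safe . '"/></p>';
}

// A scanner's reflection test in its simplest form: submit a marker that is
// harmless on its own and see whether it comes back byte-for-byte.
function is_reflected_verbatim(string $html, string $probe): bool
{
    return strpos($html, $probe) !== false;
}

// Constructed inputs: the scanner's own marker, and a value containing a
// double quote, which is the character that matters inside value="...".
$inputs = [
    'scanner probe' => '<<<<<<<<<<foobar204>>>>>',
    'quote in value' => 'http://example.com/"path',
];

foreach ($inputs as $label => $value) {
    foreach (['unescaped' => 'render_website_field_unescaped',
              'escaped'   => 'render_website_field_escaped'] as $mode => $fn) {
        $html = $fn($value);
        printf("%-15s %-10s reflected verbatim: %s\n    %s\n",
            $label, $mode,
            is_reflected_verbatim($html, $value) ? 'yes' : 'no',
            $html);
    }
}
```

Run with `php example.php`: the unescaped renderer reproduces both inputs exactly (the scanner’s “yes”), while the escaped renderer returns `&lt;`, `&gt;` and `&quot;` in their place, so the probe no longer appears and the quote can no longer close the attribute. The encoding belongs at the point where the value is written into HTML; what the mail step does with the same string is a separate question.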


The topic ‘Cross-scripting issue with Submit News function?’ is closed to new replies.