Work at SourceForge, help us to make it a better place! We have an immediate need for a Support Technician in our San Francisco or Denver office.

Close

#3902 XSS

open
nobody
None
5
2011-04-27
2011-04-27
No

As a result of xss bug in "https: / / zion: 10000/shell/index.cgi" I looked over and I found XSS on the following pages:
"https://nibelheim:10000/software/search.cgi?search=%22%3Cscript%3Ealert%281%29%3C%2Fscript%3E&goto=1"
"https://nibelheim:10000/proc/run.cgi"
After that I guess the decision will be the same in all places where you enter some text.

Discussion

  • Jamie Cameron
    Jamie Cameron
    2011-04-27

    Yes, but those can't be exploited by an attacker as Webmin detects links from un-trusted referrers.

     
  • If you change the packet with a proxy or plugins like TamperData, and you add to packet "Referer" as "https://192.168.1.10:10000/software/" webmin not detects this attack

     
  • Jamie Cameron
    Jamie Cameron
    2011-04-28

    Right, but why would the victim intentionally change his own web requests to open himself up to a vulnerability?