|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
Date: 25 Oct 2005 16:47:05 -0000
Message-ID: <20051025164705.26460.qmail@securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: sikikmail@gmail.com
To: bugtraq@securityfocus.com
SparkleBlog is prone to HTMl injection attacks. It is possible for a malicious SparkleBlog user to inject hostile HTML script code into the commentary via form fields. This code may be rendered in the browser of a web user who views the commentary of SparkleBlog.
SparkleBlog does not adequately filter HTMl tags from various fields. This may enable an attacker to inject arbitrary script code into pages that are generated by SparkleBlog
example:
put <script>alert('test')</script> in the "name:" tag in http://localhost/journal.php?id=1
SparkleBlog home page: http://www.creamed-coconut.org/
|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |