[Savannah-help-public] [sr #106475] Cross-site scripting using feedback


From: Daniel Kahn Gillmor
Subject: [Savannah-help-public] [sr #106475] Cross-site scripting using feedback variable
Date: Fri, 22 Aug 2008 17:40:59 +0000
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.1) Gecko/2008071618 Iceweasel/3.0.1 (Debian-3.0.1-1)

URL:
  <http://savannah.gnu.org/support/?106475>

                 Summary: Cross-site scripting using feedback variable
                 Project: Savannah Administration
            Submitted by: dkg
            Submitted on: Fri 22 Aug 2008 01:40:58 PM EDT
                Category: None
                Priority: 5 - Normal
                Severity: 6 - Security
                  Status: None
             Assigned to: None
        Originator Email: Daniel Kahn Gillmor <address@hidden>
        Operating System: None
             Open/Closed: Open
         Discussion Lock: Any

    _______________________________________________________

Details:

Hey folks.

It looks to me like I can coax an XSS attack out of the Savannah
infrastructure by injecting arbitrary HTML (including attributes which execute
JavaScript) in the "feedback" variable.

  /my/admin/?feedback=monkeytown.%20%3Cimg%20onmouseover=%22alert(%27monkeys!%27);%22%20src=%20%2Fimages%2FSavannah.theme%2Ffloating.png%20%20%2F%3E#6917874799045293895

(Hover over the gnu that appears when you follow this link for an example. I'm
not sure if it will work right because there's no Preview, but I'll cook
something else up in the comments if this attack doesn't work.)




    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/support/?106475>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/
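The bug class in the report above, as an added example that is not part of the original message and not Savannah's own code: the `feedback` query parameter is URL-decoded and reflected into the page. The page-rendering functions, the `<div>` wrapper and the `_Handlers` checker below are assumptions made for illustration; the payload is the query string from the reporter's link, reproduced verbatim. The vulnerable renderer concatenates the parameter straight into markup, so the `<img onmouseover=...>` survives parsing as a live element with an event handler; the fixed renderer escapes `<`, `>`, `&` and both quote characters, so the same input parses as plain text.

```python
"""Added example (not from the report or from Savannah's code base): model of a
reflected XSS through a URL-decoded query parameter, beside the escaped fix.
Function names and page layout are assumptions for illustration."""
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlsplit, unquote_plus

# Link from the report, copied verbatim (relative URL including the fragment).
REPORT_URL = (
    "/my/admin/?feedback=monkeytown.%20%3Cimg%20onmouseover=%22alert(%27monkeys!%27);%22"
    "%20src=%20%2Fimages%2FSavannah.theme%2Ffloating.png%20%20%2F%3E#6917874799045293895"
)


def feedback_from_url(url: str) -> str:
    """Return the URL-decoded `feedback` parameter, as a web framework would hand it
    to application code. Split only on '&' so the ';' inside the payload survives."""
    for pair in urlsplit(url).query.split("&"):
        name, _, value = pair.partition("=")
        if unquote_plus(name) == "feedback":
            return unquote_plus(value)
    return ""


def render_vulnerable(feedback: str) -> str:
    """Assumed vulnerable pattern: user input concatenated straight into HTML."""
    return f'<div class="feedback">{feedback}</div>'


def render_fixed(feedback: str) -> str:
    """Hardened form: HTML-escape the value (including quotes) at the output point."""
    return f'<div class="feedback">{escape(feedback, quote=True)}</div>'


class _Handlers(HTMLParser):
    """Record every element and every on* (event handler) attribute the browser-side
    parser would actually see; this is what decides whether script can run."""

    def __init__(self) -> None:
        super().__init__()
        self.tags: list[str] = []
        self.event_handlers: list[tuple[str, str, str]] = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        for name, value in attrs:
            if name.lower().startswith("on"):
                self.event_handlers.append((tag, name, value or ""))


def injected_handlers(html: str) -> list[tuple[str, str, str]]:
    """Parse rendered HTML and return (tag, attribute, value) for each event handler."""
    parser = _Handlers()
    parser.feed(html)
    parser.close()
    return parser.event_handlers


def rendered_tags(html: str) -> list[str]:
    """Parse rendered HTML and return the element names present, in order."""
    parser = _Handlers()
    parser.feed(html)
    parser.close()
    return parser.tags


if __name__ == "__main__":
    fb = feedback_from_url(REPORT_URL)
    print("decoded parameter:", fb)
    print("vulnerable handlers:", injected_handlers(render_vulnerable(fb)))
    print("fixed handlers:     ", injected_handlers(render_fixed(fb)))
```

The check worth taking away is the last two lines: run the output through an HTML parser and look at what elements and `on*` attributes exist, rather than grepping the response for `<script>`. The payload in the report carries no `<script>` tag at all; the JavaScript lives in an `onmouseover` attribute on an `<img>`, which is why the reporter asks you to hover over the image.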
