Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE-2009-4168: WordPress plugin vkontakte-api XSS vulnerability
From: Henri Salo <henri () nerv fi>
Date: Thu, 14 Mar 2013 10:47:10 +0200

On Mon, Mar 11, 2013 at 09:44:33AM +0200, Henri Salo wrote:
Plugin URL: http://wordpress.org/extend/plugins/vkontakte-api/
Affected file: tagcloud.swf 368b01e1728111f99d93ac5805d97abbb899a910
PoC: 
wp-content/plugins/vkontakte-api/swf/tagcloud.swf?mode=tags&tagcloud=<tags><a+href=%27javascript:alert%28document.cookie%29%27+style=%27font-size:+40pt%27>oss-security</a></tags>
Affected versions: 1.21, 1.22, 1.23, 1.24, 1.25, 1.26, 1.27, 2.0, 2.1, 2.2, 2.3, 2.4, 2.5, 2.7

Currently no fix available.

WordPress plugin-guys replied Mon, 11 Mar 2013 21:32:52 +0000

"Closed this morning :)"

Now the changelog says:

------------------------------------------------------------------------
r681668 | kowack | 2013-03-14 09:39:40 +0200 (Thu, 14 Mar 2013) | 1 line

2.7 to 3.0
------------------------------------------------------------------------
r681323 | kowack | 2013-03-13 18:04:13 +0200 (Wed, 13 Mar 2013) | 1 line

amen
------------------------------------------------------------------------
r681320 | kowack | 2013-03-13 18:01:49 +0200 (Wed, 13 Mar 2013) | 1 line

major update, may has bugs :(
------------------------------------------------------------------------
r568584 | kowack | 2012-07-07 09:49:19 +0300 (Sat, 07 Jul 2012) | 1 line

And it seems that tagcloud.swf is removed from version 3.0 of the plugin.
Changelog does not include CVE nor notification about security issues fixed.
Well at least it is fixed.

--
Henri Salo

Attachment: signature.asc
Description: Digital signature


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]