by r0t,der4444,cembo,VietMafia

Wednesday, December 21, 2005

SiteSage XSS vuln

Vuln. discovered by: r0t
Date: 21 Dec. 2005
Vendor: http://www.starphire.com/
Affected versions: 5.0.18 and prior; SiteSage-EE, SiteSage-SE, SiteSage-SB, SiteSage-LE

Product Description:

SiteSage provides a completely non-technical web content management system for the creation and administration of your web site. Features include: built-in Templates and Themes, Font Style Editor, WYSIWYG Content Editor, Message Boards, Mailing Lists, Sign-up Forms, Banner Ad Manager, Dynamic Content Rotation, and much more. SiteSage is a complete ASP application for installation on your (or your hosting firm's) MS IIS web server. SiteSage is entirely server based, permitting updates to a website to be made from work, home, or anywhere. SiteSage can be completely installed on your web server using standard FTP access. The Lite Edition is free for both commercial and non-commercial use.


Vuln. Description:

SiteSage contains a flaw that allows a remote cross-site scripting attack. The flaw exists because input passed in the "norelay_highlight_words" parameter when performing a search is not properly sanitised before being returned to the user.
This could allow an attacker to create a specially crafted URL that, when opened by a user, executes arbitrary script in that user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Solution:
Edit the source code to ensure that the parameter value is properly sanitised before it is echoed back into the page.
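As an added illustration (not the vendor's code; the advisory does not show SiteSage's ASP source), the following Python model reflects the search term the way a highlight feature would, first unsanitised and then HTML-encoded (Server.HTMLEncode is the Classic ASP equivalent), and runs a simple check over constructed IIS-style log lines for requests that carry markup in that parameter. The search page name and log layout are assumptions.

```python
from html import escape
from urllib.parse import parse_qs

PARAM = "norelay_highlight_words"  # parameter named in the advisory


def highlight_term(query_string: str) -> str:
    """Pull the search term out of a raw query string (first value wins).
    parse_qs already percent-decodes the value once."""
    return parse_qs(query_string, keep_blank_values=True).get(PARAM, [""])[0]


def render_vulnerable(query_string: str) -> str:
    # Raw reflection: any markup in the term becomes markup in the page.
    return f"<p>Results for <b>{highlight_term(query_string)}</b></p>"


def render_hardened(query_string: str) -> str:
    # HTML-encode before reflecting so the term is rendered as text, not markup.
    return f"<p>Results for <b>{escape(highlight_term(query_string), quote=True)}</b></p>"


# Constructed IIS W3C-style log lines (assumed layout):
# date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
SAMPLE_LOG = [
    "2005-12-21 10:00:01 192.0.2.10 GET /search.asp norelay_highlight_words=sitesage 200",
    "2005-12-21 10:00:05 192.0.2.11 GET /search.asp norelay_highlight_words=%3Cscript%3E 200",
    "2005-12-21 10:00:09 192.0.2.12 GET /index.asp - 200",
]
SUSPECT = ("<", ">", "javascript:")  # never expected in a plain search term


def flag_requests(log_lines):
    """Return (client-ip, decoded term) for requests whose highlight term carries markup."""
    hits = []
    for line in log_lines:
        fields = line.split()
        if len(fields) < 7:
            continue  # skip malformed or truncated lines
        client_ip, query = fields[2], fields[5]
        term = highlight_term(query)
        if any(s in term.lower() for s in SUSPECT):
            hits.append((client_ip, term))
    return hits
```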

Copyright (c) 2006 Pridels Sec Crew