Go4Expert

Go4Expert (http://www.go4expert.com/)
-   Ethical hacking (http://www.go4expert.com/forums/ethical-hacking-forum/)
-   -   [whitepaper]Cross Site Scripting [XSS] vulnerability in Scribd.com by SecWorm.net (http://www.go4expert.com/forums/whitepapercross-site-scripting-xss-t20557/)

indiansword 30Dec2009 14:49

[whitepaper]Cross Site Scripting [XSS] vulnerability in Scribd.com by SecWorm.net
 
SecWorm.net - Advisory
http://SecWorm.net/
Steam XSS Vulnerability

----------------------------------------------------------------------------------
1. Advisory Information:
----------------------------------------------------------------------------------
Title:- Cross Site Scripting vulnerability in Scribd.com
Advisory ID:- SecWorm_Network_2009-3
Advisory URL:- http://secworm.net/showthread.php?tid=87

----------------------------------------------------------------------------------
2. Vulnerability Information:
----------------------------------------------------------------------------------
Class:- Cross Site Scripting Injection
Remotely Exploitable:- Yes
Locally Exploitable:- Yes
FIXED :- NO

----------------------------------------------------------------------------------
3. Vulnerability Description:
----------------------------------------------------------------------------------
In the search function of Scribd.com, html entities are not sanitized properly, thus it allows any javascript to be executed in it. This causes a non-persistent XSS vulnerability in the search function of Scribd.com. An attacker can inject malicious javascript into the search function which could be used for several types of attacks. An attacker can also hijack the cookies of any user which will compromise the authentication.

----------------------------------------------------------------------------------
4. POC [Proof of Concept]:
----------------------------------------------------------------------------------
Example:- http://www.scribd.com/search?cat=solr&q=...Fscript%3E
Screenshot:- : http://secworm.net/poc/scribd-xss.jpg

----------------------------------------------------------------------------------
5. Credits:
This vulnerability was discovered by Nishant Soni (brainst0rm) from SecWorm Network.

----------------------------------------------------------------------------------
6. Report Timeline:
----------------------------------------------------------------------------------
December 29, 2009- Nishant Soni from SecWorm Network leaves an Email to Scribd.com Site feedback.
Reply awaited.

----------------------------------------------------------------------------------
7. About SecWorm Network:
----------------------------------------------------------------------------------
SecWorm Network is a group of Security Researchers & Ethical hackers with the motto of security awareness and helping others
to secure themselves.
Everyone can reach to us at http://www.SecWorm.net/


----------------------------------------------------------------------------------
8. Disclaimer & Copyright:
----------------------------------------------------------------------------------
The contents of this advisory are copyright 2009 SecWorm Network, and may be distributed freely provided that proper credits are given.

Deadly Ghos7 30Dec2009 18:37

Re: [whitepaper]Cross Site Scripting [XSS] vulnerability in Scribd.com by SecWorm.net
 
That's awesome. Respects to you. It seems that I should learn XSS arts from you.

indiansword 30Dec2009 18:52

Re: [whitepaper]Cross Site Scripting [XSS] vulnerability in Scribd.com by SecWorm.net
 
Thanks @ deadley ghost.


All times are GMT +5.5. The time now is 15:48.