OGMMM WTFF 0DAY XSS
Sorry, getting a bit tired of these.
Well, the world is changing. You can probably do a lot more direct damage with a (legit) XSS in a high-value site than with a local privilege escalation in sudo.
XSS reports are less actionable for the average reader, but full disclosure is probably still beneficial, in that it provides data points about the types of flaws a particular vendor happens to have, and the speed and quality of the deployed fixes.
Of course, many of the XSS reports in knorr.com and similarly exciting destinations are zzzzzzzzzz...
/mz
OGMMM WTFF 0DAY XSS
Sorry, getting a bit tired of these.
Gynvael Coldwind, I know this and I posted a reply in Underc0de about that.
http://underc0de.org/foro/hacking-showoff/xss-persistente-blogger-13978/
It isn't a critical bug but, despite that, this shouldn't happen. Thanks all!
---
Best Regards
ANTRAX
Hey ANTRAX,
JZ is correct, even in the template view the script is still executed only in the *.blogspot.com context, and not in the context of blogger.com - look at your first screenshot - it's clearly said there that the alert box popped up on *.blogspot.com.
It's good to always alert(document.domain) to be sure of the context in which the script is executed.
As you know, script executing in the context of the cookieless *.blogspot.com cannot interact / or steal cookies from blogger.com domain.
So, to repeat what JZ already said - this is by design, it's not a bug, and no, you cannot attack an admin this way (unless you found some other way to execute that script in the context of blogger.com - in such case try reporting it again).
Cheers,
Gynvael Coldwind
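
Added example (not part of the original thread): a sketch of the cookie scoping rule the reply above relies on, using RFC 6265 domain matching to list which cookies a script on a given host could read through document.cookie. The cookie names and the jar are constructed sample data, Path and Secure are ignored, and `domainMatch` / `readableCookies` are hypothetical helper names.

```javascript
// Added example, not code from the thread. The host passed in is the value
// that alert(document.domain) would report for the running script.

// RFC 6265 section 5.1.3 domain-match: the host equals the cookie domain, or
// the host ends with "." + cookie domain and is not an IP address.
function domainMatch(host, cookieDomain) {
  const h = host.toLowerCase();
  const d = cookieDomain.toLowerCase().replace(/^\./, "");
  if (h === d) return true;
  const isIp = /^\d{1,3}(\.\d{1,3}){3}$/.test(h) || h.includes(":");
  return !isIp && h.endsWith("." + d);
}

// Names of the cookies a script on scriptHost can see in document.cookie.
// HttpOnly cookies are never exposed to script; host-only cookies (set
// without a Domain attribute) require an exact host match.
function readableCookies(scriptHost, jar) {
  return jar
    .filter((c) => {
      if (c.httpOnly) return false;
      return c.hostOnly
        ? scriptHost.toLowerCase() === c.domain.toLowerCase()
        : domainMatch(scriptHost, c.domain);
    })
    .map((c) => c.name);
}

// Constructed cookie jar: every cookie belongs to the blogger.com side,
// matching the thread's description of *.blogspot.com as cookieless.
const sampleJar = [
  { name: "blogger_session", domain: "blogger.com", hostOnly: false, httpOnly: false },
  { name: "blogger_draft", domain: "www.blogger.com", hostOnly: true, httpOnly: false },
  { name: "blogger_httponly", domain: "blogger.com", hostOnly: false, httpOnly: true },
];

// Script injected into a post runs on the blog's own host and sees none of
// them; the same script on www.blogger.com would see the first two.
for (const host of ["someblog.blogspot.com", "www.blogger.com", "blogger.com"]) {
  console.log(host, "->", readableCookies(host, sampleJar));
}
```
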
I know, JZ, but this vulnerability is in the post and not in the template.
And this could be generated by a blogger and affect the administrator!
The blogger can edit, but doesn't have admin.
If the blogger posts some script, this affects the administrator.