URL:
<http://savannah.gnu.org/support/?106475>
Summary: Cross-site scripting using feedback variable
Project: Savannah Administration
Submitted by: dkg
Submitted on: Fri 22 Aug 2008 01:40:58 PM EDT
Category: None
Priority: 5 - Normal
Severity: 6 - Security
Status: None
Assigned to: None
Originator Email: Daniel Kahn Gillmor <[EMAIL PROTECTED]>
Operating System: None
Open/Closed: Open
Discussion Lock: Any
_______________________________________________________
Details:
Hey folks.
It looks to me like i can coax an XSS attack out of the savannah
infrastructure by injecting arbitrary html (including attributes which execute
javascript) in the "feedback" variable.
[/my/admin/?feedback=monkeytown.%20%3Cimg%20onmouseover=%22alert(%27monkeys!%27);%22%20src=%20%2Fimages%2FSavannah.theme%2Ffloating.png%20%20%2F%3E#6917874799045293895
hover over the gnu that appears when you follow this link for an example] (i'm
not sure if it will work right because there's no Preview, but i'll cook
something else up in the comments if this attack doesn't work)
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/support/?106475>
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/
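The report above describes a reflected XSS: whatever arrives in the `feedback` query parameter is written into the page without escaping, so the decoded `<img onmouseover=...>` payload becomes live markup. The following added example is not from the report or from Savannah's own code; it decodes the `feedback` value from the reported URL, shows the unescaped rendering pattern the report implies, and contrasts it with output escaping via `html.escape`. The `render_feedback_*` helpers are hypothetical and only stand in for Savannah's rendering, which the report does not show.

```python
from html import escape
from urllib.parse import unquote_plus, urlsplit

# The URL quoted in the report (the trailing "#..." fragment is not part of the query).
REPORT_URL = (
    "/my/admin/?feedback=monkeytown.%20%3Cimg%20onmouseover=%22alert(%27monkeys!%27);%22"
    "%20src=%20%2Fimages%2FSavannah.theme%2Ffloating.png%20%20%2F%3E#6917874799045293895"
)


def feedback_from_url(url: str) -> str:
    """Return the percent-decoded value of the 'feedback' query parameter ('' if absent).

    The query is split by hand on '&' only, because older Python versions of
    parse_qs also split on ';', which would cut the payload at the 'alert(...);'.
    """
    for pair in urlsplit(url).query.split("&"):
        name, _, value = pair.partition("=")
        if name == "feedback":
            return unquote_plus(value)
    return ""


def render_feedback_unescaped(feedback: str) -> str:
    """The vulnerable pattern (hypothetical): the parameter is interpolated as-is,
    so any tags or event-handler attributes in it are interpreted by the browser."""
    return f'<div class="feedback">{feedback}</div>'


def render_feedback_escaped(feedback: str) -> str:
    """Hardened version: HTML-escape the untrusted value before interpolation.
    quote=True also escapes ' and ", so the text cannot break out of attributes."""
    return f'<div class="feedback">{escape(feedback, quote=True)}</div>'


def contains_live_markup(rendered: str) -> bool:
    """Crude check used for the demonstration: does any '<' survive inside the
    feedback div other than the div's own tags?"""
    inner = rendered.removeprefix('<div class="feedback">').removesuffix("</div>")
    return "<" in inner or ">" in inner


if __name__ == "__main__":
    payload = feedback_from_url(REPORT_URL)
    print("decoded feedback:", payload)
    print("unescaped render is live markup:", contains_live_markup(render_feedback_unescaped(payload)))
    print("escaped render is live markup:  ", contains_live_markup(render_feedback_escaped(payload)))
    print(render_feedback_escaped(payload))
```

The same escaping has to be applied at every point where `feedback` (or any other request parameter) is written into HTML; escaping once at input time is not a substitute, since the value may be stored and re-rendered in a different context later.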