Application
Piwik versions prior to 1.1
http://piwik.org/
Summary
Multiple cross-site scripting issues exist in the Piwik software in versions prior to 1.1. These issues allow for reflective and persistent XSS attacks and could be used to attack the website’s administrator by an anonymous users of the Internet.
Details
The ‘url’ parameter of the piwik script seems to be not properly filtered. Therefore, a malicious content could be embedded in several places of the Piwik panel. This example illustrates the idea:
1) request for this URL on the piwik site:
/piwik/piwik.php?idsite=1&rec=1&url=”><script>alert(document.cookie)</script>&res=1400×1050&h=8&m=48&s=30&cookie=1&urlref=&rand=0.5656348866609716&pdf=1&qt=0&realp=0&wma=1&dir=0&fla=1&java=1&gears=0&ag=0&action_name=
2) once logged on to the panel, one should see the alert popup.
This flaw is located in the LiveVisitors module. Other vulnerable modules:
• Actions->pages
• Visitors->log
• possible others
Links
http://piwik.org/blog/2011/01/piwik-1-1-security-advisory/
Bez kategorii | 
Opublikował/a pentesterspl1 
