Advisory 1/2011

pentesterspl1 — Tue, 25 Jan 2011 10:54:09 +0000

Application
Piwik versions prior to 1.1

http://piwik.org/

Summary
Multiple cross-site scripting issues exist in the Piwik software in versions prior to 1.1. These issues allow for reflective and persistent XSS attacks and could be used to attack the website’s administrator by an anonymous users of the Internet.

Details
The ‘url’ parameter of the piwik script seems to be not properly filtered. Therefore, a malicious content could be embedded in several places of the Piwik panel. This example illustrates the idea:
1)   request for this URL on the piwik site:
/piwik/piwik.php?idsite=1&rec=1&url=”>&res=1400×1050&h=8&m=48&s=30&cookie=1&urlref=&rand=0.5656348866609716&pdf=1&qt=0&realp=0&wma=1&dir=0&fla=1&java=1&gears=0&ag=0&action_name=
2)   once logged on to the panel, one should see the alert popup.
This flaw is located in the LiveVisitors module. Other vulnerable modules:
•   Actions->pages
•    Visitors->log
•   possible others

Links

http://piwik.org/blog/2011/01/piwik-1-1-security-advisory/

HW.txt

whilter — Sat, 16 Jan 2010 21:08:25 +0000

Witaj na blogu pentesters.pl!

pentesters.pl blog

Advisory 1/2011

HW.txt