jetlib.sec » Bugtraq » WebsiteBaker 2.8.2 SP2 HTTP-Referer XSS vulnerability

Feeds

132972 items (0 unread) in 27 feeds

• 1337day (was: Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

Bugtraq

• February 20, 2012
• 

  WebsiteBaker 2.8.2 SP2 HTTP-Referer XSS vulnerability

  Posted: February 20th, 2012, 8:30am PST

  Tags:   

  Posted by sschurtz on Feb 20

  Advisory: WebsiteBaker 2.8.2 SP2 HTTP-Referer XSS vulnerability
  Advisory ID: SSCHADV2012-003
  Author: Stefan Schurtz
  Affected Software: Successfully tested on WebsiteBaker 2.8.2 SP2
  Vendor URL: www.websitebaker2.org
  Vendor Status: fixed
  
  ==========================
  Vulnerability Description
  ==========================
  
  HTTP-Referer in WebsiteBaker 2.8.2 SP2 is prone to a XSS...