TWiki web application vulnerable to persistent cross-site scripting


"Sony", a hacker who has discovered XSS vulnerabilities in many websites, found a persistent cross-site scripting vulnerability in the TWiki web application. TWiki is a leading open source enterprise wiki and Web 2.0 application platform used by 50,000 small businesses, many Fortune 500 companies, and millions of people.

Vulnerability Description:
Register on the wiki. Once registration is complete, you can edit your profile. The Organization field is vulnerable to XSS. Because the organization details are stored in the database, the XSS is persistent. The vulnerability is critical because it is persistent.
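The following added example (not TWiki's code, and not from the original post) shows why a stored profile field becomes persistent XSS when it is written into the page unencoded, and how encoding at output time neutralises it. The in-memory SQLite table, the function names and the sample value are assumptions made for illustration.

```python
import html
import sqlite3

# Constructed sample value: markup submitted in the Organization field.
SAMPLE_ORG = "Acme <script>alert(1)</script>"

def make_store():
    """In-memory stand-in for the wiki's profile storage (assumption)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE profile (wikiname TEXT PRIMARY KEY, organization TEXT)")
    return db

def save_profile(db, wikiname, organization):
    # The value is stored exactly as submitted, markup included.
    db.execute("INSERT OR REPLACE INTO profile VALUES (?, ?)", (wikiname, organization))

def load_org(db, wikiname):
    row = db.execute(
        "SELECT organization FROM profile WHERE wikiname = ?", (wikiname,)
    ).fetchone()
    return row[0] if row else ""

def render_unescaped(db, wikiname):
    # Behaviour the post describes: the stored field goes into the page as-is,
    # so every visitor's browser parses it as HTML.
    return "<li>Organization: " + load_org(db, wikiname) + "</li>"

def render_escaped(db, wikiname):
    # Mitigation: HTML-encode at output time so the value is displayed as text.
    return "<li>Organization: " + html.escape(load_org(db, wikiname), quote=True) + "</li>"

def find_suspect_profiles(db):
    """Profiles whose stored value contains HTML metacharacters, for cleanup
    review (benign values such as one with an ampersand are listed too)."""
    rows = db.execute("SELECT wikiname, organization FROM profile ORDER BY wikiname")
    return [name for name, org in rows if html.escape(org) != org]

if __name__ == "__main__":
    db = make_store()
    save_profile(db, "ExampleUser", SAMPLE_ORG)
    save_profile(db, "OtherUser", "Example Org")
    print(render_unescaped(db, "ExampleUser"))
    print(render_escaped(db, "ExampleUser"))
    print(find_suspect_profiles(db))
```

Encoding on output also covers values that were stored before the fix, which input filtering alone would not.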

The Demo:
http://twiki.org/cgi-bin/view/Main/SonyStyleas

Affected sites: Thesecurityweb, ClamAV and other sites that use the TWiki web application.

source:
http://st2tea.blogspot.com/2012/01/cross-site-scripting-twiki.html
