Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Home XWiki Web Application vulnerable to Cross Site Scripting
Vulnerability Web Application Vulnerability XSS Vulnerability

XWiki Web Application vulnerable to Cross Site Scripting

Saturday, February 04, 2012
The hacker Sony discovered Cross site scripting Vulnerability in XWiki. XWiki is a free wiki software platform written in Java with a design emphasis on extensibility. XWiki Enterprise, the enterprise wiki edition, includes WYSIWYG editing, OpenOffice based document import/export, semantic annotations and tagging, and advanced permissions management

The comment box and profile page vulnerable to XSS.


Poc:
http://www.xwiki.org/xwiki/bin/view/Blog/XWikiEnterprise14RC1Released
http://www.xwiki.org/xwiki/bin/XWiki/SonyStyles

It seems that he is targeting Wiki based web applications.  In past two weeks itself, he found xss Vulnerabilities in lot of websites . He found XSS vulnerabilities in Twiki, FosWiki

source:
http://st2tea.blogspot.com/2012/02/xwiki-cross-site-scripting.html

Tags: Vulnerability Web Application Vulnerability XSS Vulnerability
Share it:

Vulnerability

Web Application Vulnerability

XSS Vulnerability