[wp-trac] [WordPress Trac] #2953: XSS Vulnerability in the 'post_title' parameter in wp-admin/page-new.php while submitting through the "Create New page" option

WordPress Trac wp-trac at lists.automattic.com
Fri Jul 14 08:53:03 GMT 2006


#2953: XSS Vulnerability in the 'post_title' parameter in wp-admin/page-new.php while submitting through the "Create New page" option
----------------------------+-----------------------------------------------
 Reporter:  NRNandini       |       Owner:  anonymous
     Type:  defect          |      Status:  new      
 Priority:  high            |   Milestone:           
Component:  Administration  |     Version:  2.0.3    
 Severity:  critical        |    Keywords:           
----------------------------+-----------------------------------------------
 A cross-site scripting vulnerability exists in WordPress version 2.0.3, due to an
 input validation error in the post_title parameter of the wp-admin/page-new.php
 page when submitting it using the "Create New Page" (savepage) option.

 A remote attacker with admin privileges could inject malicious script code in
 the victim's browser within the security context of the hosting site and could
 also steal the victim's cookie-based authentication credentials.


 Example:
 http://www.yoursite.com/directory_where_you_installed_wordpress/wp-admin/page-new.php

 Vulnerable fields: post_title

 Insert "<script>alert('XSS Vulnerable');</script>" in the Title field and
 click the button "Create New Page".

-- 
Ticket URL: <http://trac.wordpress.org/ticket/2953>
WordPress Trac <http://wordpress.org/>
WordPress blogging software
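The reflected-XSS pattern the report describes, shown beside an output-escaped version, as an added PHP example that is neither WordPress code nor the reporter's. The reflection point used here (a "page created" notice that echoes post_title into HTML body text, plus the edit form re-populating the title field) and the helper names are assumptions for illustration; the report does not say where page-new.php reflects the value. The sample input is the payload from the report.

```php
<?php
// Added example, not WordPress code. Minimal stand-in for an admin page that
// re-displays a submitted post_title, first unescaped (the pattern the report
// describes) and then escaped on output for the context the value lands in.

// Constructed sample input: the exact payload given in the report.
$submitted = ['post_title' => "<script>alert('XSS Vulnerable');</script>"];

// Vulnerable: the submitted title is concatenated into HTML body text as-is,
// so markup inside the title is parsed as markup by the browser.
function render_notice_vulnerable(array $post): string
{
    return '<p>Page "' . $post['post_title'] . '" created.</p>';
}

// Fix: escape on output. ENT_QUOTES turns both quote styles into entities,
// so the same helper is safe inside a double- or single-quoted attribute too.
function esc_html_attr(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}

function render_notice_safe(array $post): string
{
    return '<p>Page "' . esc_html_attr($post['post_title']) . '" created.</p>';
}

// The same rule applies when the title is re-populated into the edit form:
// a value containing a double quote would otherwise close the attribute.
function render_title_field_safe(array $post): string
{
    return '<input type="text" name="post_title" value="'
        . esc_html_attr($post['post_title']) . '" />';
}

// Quick regression check: does the rendered HTML still carry a live
// <script tag? (Case-insensitive, since browsers are.)
function contains_script_tag(string $html): bool
{
    return stripos($html, '<script') !== false;
}

$vuln = render_notice_vulnerable($submitted);
$safe = render_notice_safe($submitted);

echo "vulnerable: ", $vuln, "\n";
echo "escaped:    ", $safe, "\n";
echo "form field: ", render_title_field_safe($submitted), "\n";
echo "script tag survives (vulnerable)? ", contains_script_tag($vuln) ? 'yes' : 'no', "\n";
echo "script tag survives (escaped)?    ", contains_script_tag($safe) ? 'yes' : 'no', "\n";
```

Run it with `php example.php`; the escaped output shows the angle brackets and quotes as entities, so the browser renders the payload as text instead of executing it. The point for a fix is that escaping belongs at the output site, chosen for the HTML context (body text versus attribute), rather than relying on stripping tags from the input.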