Date: Mon, 01 Feb 2016 19:05:21 -0500
From: Larry Cashdollar <larry0@...com>
To: Open Security <oss-security@...ts.openwall.com>
Subject: Wordpress plugin Reflected XSS in connections v8.5.8

Title: Wordpress plugin Reflected XSS in connections v8.5.8
Author: Larry W. Cashdollar, @_larry0
Date: 2016-01-26
Download Site: https://wordpress.org/plugins/connections/
Vendor: https://profiles.wordpress.org/shazahm1hotmailcom/
Vendor Notified: 2016-01-28
Vendor Fixed: 2016-02-01, v8.5.9
Vendor Contact: https://profiles.wordpress.org/shazahm1hotmailcom/
Description: An easy to use directory plugin to create an address book,
business directory, staff
directory or church directory.
Vulnerability: Line 320 contains unfiltered user input for the search field,
which is echoed directly back to the user's browser via the 's' variable.
In file includes/admin/pages/manage.php
Line 320:
<input type="search" id="entry-search-input" name="s" value="<?php if (
isset( $_GET['s'] ) && ! empty( $_GET['s'] )) echo $_GET['s'] ; ?>" />
CVE ID: CVE-2016-0770
Advisory: http://www.vapidlabs.com/advisory.php?v=161
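To make the defect concrete, here is an added example (not the plugin's own code, and not necessarily how the vendor fixed it in v8.5.9) showing the line 320 pattern beside an output-escaped form; esc_attr() is WordPress's attribute-context escaper, and the stand-in definition and the sample search term are constructed so the file runs without WordPress.

```php
<?php
// Added example: vulnerable pattern from manage.php line 320 next to a hardened form.
// Stand-in for WordPress esc_attr() so this runs stand-alone (constructed, not WP code).
if (!function_exists('esc_attr')) {
    function esc_attr(string $text): string {
        return htmlspecialchars($text, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    }
}

// Vulnerable: the raw query-string value is placed inside the value="" attribute,
// so a double quote in $_GET['s'] closes the attribute and the rest becomes markup.
function search_input_unsafe(array $get): string {
    $s = (isset($get['s']) && !empty($get['s'])) ? (string) $get['s'] : '';
    return '<input type="search" id="entry-search-input" name="s" value="' . $s . '" />';
}

// Hardened: escape for the HTML attribute context at the point of output.
// Quotes and angle brackets are rendered as entities, so the value stays inert text.
function search_input_safe(array $get): string {
    $s = (isset($get['s']) && !empty($get['s'])) ? (string) $get['s'] : '';
    return '<input type="search" id="entry-search-input" name="s" value="' . esc_attr($s) . '" />';
}

// Constructed input: a search term that closes the attribute and injects an element.
$constructed = ['s' => 'smith"><i>injected</i>'];

$unsafe = search_input_unsafe($constructed);
$safe   = search_input_safe($constructed);
echo "unsafe: $unsafe", PHP_EOL;
echo "safe:   $safe", PHP_EOL;

// Self-check from the defender's side: the escaped output must not contain a
// new element, while the unescaped one does (this is the reflected XSS).
assert(strpos($unsafe, '<i>') !== false);
assert(strpos($safe, '<i>') === false && strpos($safe, '&lt;i&gt;') !== false);
```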

