WordPress <= 2.6.3 XSS Vulnerability
Jeremias Reith has published the advisory to Bugtraq which includes a proof of concept exploit that may allow an unauthenticated attacker access to your blog.
Product affected: WordPress
Version(s): <= 2.6.3
Credit: Jeremias Reith
WordPress is affected by a Cross Site Scripting vulnerability: an attacker can perform an XSS attack that gives him access to the targeted user's cookies and thereby administrator privileges.
WordPress prior to v2.6.3 fails to sanitize the Host header variable correctly when generating RSS feeds and is therefore prone to XSS attacks.
This issue has been addressed in WordPress 2.6.5.
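To make the flaw concrete, here is a small Python model of the pattern the advisory describes (an added example, not WordPress code and not the fix shipped in 2.6.5): a feed generator that copies the request's Host header straight into the feed's self link, next to a hardened version that accepts only the site's configured hostnames and entity-encodes the value. The hostnames and the markup-carrying Host value are constructed for the example.

```python
from html import escape
from xml.etree import ElementTree as ET

# Hostnames this site is configured to answer on (constructed for the example).
ALLOWED_HOSTS = {"blog.example", "www.blog.example"}
SITE_HOST = "blog.example"
ATOM_NS = "http://www.w3.org/2005/Atom"


def self_link_vulnerable(host, path="/feed/"):
    """Model of the flawed pattern: the Host header value is dropped into the
    feed's self link verbatim, so any markup in it becomes part of the XML."""
    return f'<atom:link href="http://{host}{path}" rel="self" />'


def self_link_hardened(host, path="/feed/"):
    """Hardened form: only a configured hostname is accepted (anything else
    falls back to the site's own host) and the value is entity-encoded."""
    host = host.lower()
    if host not in ALLOWED_HOSTS:
        host = SITE_HOST
    return f'<atom:link href="http://{escape(host, quote=True)}{path}" rel="self" />'


def feed_document(link_fragment):
    """Wrap the self link in a minimal RSS 2.0 document, as a feed generator would."""
    return (f'<rss version="2.0" xmlns:atom="{ATOM_NS}"><channel>'
            f'<title>Example</title>{link_fragment}</channel></rss>')


def self_link_href(feed_xml):
    """Parse the feed and return the self link's href, or None when injected
    markup has broken the document (the symptom of an unsanitized Host header)."""
    try:
        root = ET.fromstring(feed_xml)
    except ET.ParseError:
        return None
    link = root.find(f"channel/{{{ATOM_NS}}}link")
    return None if link is None else link.get("href")


# Constructed Host header values: one legitimate, one carrying markup.
GOOD_HOST = "blog.example"
HOSTILE_HOST = 'evil.example"><b>injected</b><x y="'

if __name__ == "__main__":
    for build in (self_link_vulnerable, self_link_hardened):
        for host in (GOOD_HOST, HOSTILE_HOST):
            print(build.__name__, repr(host), "->",
                  self_link_href(feed_document(build(host))))
```

With the vulnerable builder the hostile Host value turns the feed into malformed XML with attacker-supplied elements inside it; the hardened builder emits the same clean link regardless of what the client sent.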
Comments
[...] Reith has published the advisory to Bugtraq, including a proof of concept exploit that could allow an unauthenticated attacker to access your [...]
[...] informed. Subscribe to http://wordpress.org/development/ and to http://blogsecurity.net/wordpress/wordpress/ I’m sure there are others, but these are the ones I know [...]
Thanks for the information, published in
http://www.dragonjar.org/wordpress-263-vulnerable-a-xss.xhtml