[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE Request -- Python-Mako (prior v0.3.4):
From: Josh Bressers <bressers () redhat ! com>
Date: 2010-06-30 19:28:48
Message-ID: 2058498623.1644141277926128586.JavaMail.root () zmail01 ! collab ! prod ! int ! phx2 ! redhat ! com
[Download RAW message or body]
Please use CVE-2010-2480
Thanks.
--
JB
----- "Jan Lieskovsky" <jlieskov@redhat.com> wrote:
> Hi Steve, vendors,
>
> Craig Younkins reported:
> [1] http://bugs.python.org/issue9061
>
> that Python Mako (of versions prior v0.3.4), a template library
> written in Python,
> improperly escaped single quotes in escape.cgi. An attacker could
> use this flaw to conduct
> cross-site scripting (XSS) attacks.
>
> References:
> [2] http://www.makotemplates.org/CHANGES
>
> Sample public PoC (from [1]):
>
> Proof of concept:
> print """<body class='%s'></body>""" % cgi.escape("'
> onload='alert(1);'
> bad='")
>
> Could you allocate a CVE id for this?
>
> Thanks && Regards, Jan.
> --
> Jan iankko Lieskovsky / Red Hat Security Response Team
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic