vendor:
N/A
by:
www.80vul.com
8.8
CVSS
HIGH
Cross Site Scripting
79
CWE
Product Name: N/A
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Mac
2011
Hacking with mhtml protocol handler
Using the mhtml protocol handler,The file extension is ignored.so the attacker use renname the mhtml file to a *.jpg file,etc. then upload it to the target site. The mhtml-file format is only base on CRLF,so if we can injection CRLF, the site may be attacked. The attacker can also use mhtml-file string injection to bypass X-Frame-Opitions.
Mitigation:
Ensure that the file extension is checked before uploading the file. Ensure that the CRLF injection is not possible. Ensure that the X-Frame-Opitions is enabled.