Wordpress vulnerability
Wordpress has published WordPress 4.2.1 update .
This is a critical update and all users of the popular CMS Worpress are encouraged to upgrade.
A few hours ago, the team received information about an XSS vulnerability that could be exploited by an attacker if the site included the ability to comment on blog entries.
A vulnerability was discovered by Jouko Pynnönen.
The vulnerability is due to the fact that if the comment exceeds the standard for MySQL TEXT 64KB, it will be truncated when added to the database.
An attacker can leave a 64KB comment that goes into the database without checks and can be accessed by blog readers. Thus, if an attacker injects JavaScript into such a comment, it will be executed in the user's browser. In particular, if the comment is viewed by the site administrator, then an attacker can change the password, create a new account, download files on behalf of the administrator.
Video demonstration of the vulnerability:
')
We recommend everyone to upgrade.
This is a critical update and all users of the popular CMS Worpress are encouraged to upgrade.
A few hours ago, the team received information about an XSS vulnerability that could be exploited by an attacker if the site included the ability to comment on blog entries.
A vulnerability was discovered by Jouko Pynnönen.
The vulnerability is due to the fact that if the comment exceeds the standard for MySQL TEXT 64KB, it will be truncated when added to the database.
An attacker can leave a 64KB comment that goes into the database without checks and can be accessed by blog readers. Thus, if an attacker injects JavaScript into such a comment, it will be executed in the user's browser. In particular, if the comment is viewed by the site administrator, then an attacker can change the password, create a new account, download files on behalf of the administrator.
Video demonstration of the vulnerability:
')
We recommend everyone to upgrade.
Source: https://habr.com/ru/post/256863/
All Articles