WordPress The Holiday Calendar 1.11.2 XSS
Posted on 04 August 2015
---------- Forwarded message ---------- From: Luciano Pedreira <lpedreira@gmail.com> Date: 2015-07-20 10:06 GMT-03:00 Subject: CVE_for_Vulnerability_theholidaycalendar To: cve-assign@mitre.org Dear, In a recent research conducted in the "The Holiday Calendar" plugin ( http://www.theholidaycalendar.com / https://wordpress.org/plugins/the-holiday-calendar) I found vulnerability related at Cross Site Scripting. . The Holiday Calendar plugin Cross Site Scripting Issues This problem was confirmed in the following versions of the "The Holiday Calendar", other prior versions maybe also affected. Version: 1.11.2 (Tested with Mozilla Firefox Browser) DETAILS The "The Holiday Calendar" plugin (http://www.theholidaycalendar.com / https://wordpress.org/plugins/the-holiday-calendar) is affected by Cross Site Scripting. The variable "thc-month" do not sanitize input data, allowing attacker to store malicious javascript code in a page. Proof of Concept to exploit the vulnerability: http://dimensaonet.com.br/blog/eco-dimensao-workshop-inscricao/?thc-month=201504%27%22%3E%3Cscript%3Eprompt%2899%29%3C/script%3E http://sabreschool.com/?post_type=thc-events&date=2015-04-04&country=GB&thc-month=201504%27%22%3E%3Cscript%3Eprompt%2899%29%3C/script%3E http://zehaschmidtke.de/wp/events/?date=2015-05-25&dateFormat=2&country=DE&readmore=1&thc-month=201504%27%22%3E%3Cscript%3Eprompt%2899%29%3C/script%3E CREDITS This vulnerability was discovered and researched by Luciano Pedreira (a.k.a. shark) I wonder how to create a CVE for this publication? best regards, Luciano Pedreira