Foswiki web application vulnerable to Cross-Site Scripting


A hacker called "Sony" discovered an XSS vulnerability in the Foswiki web application. Foswiki is not just a wiki; it is a collaboration platform that provides users with the ability to structure data and build applications.

According to his report, many fields in Foswiki's form are vulnerable to XSS, including "My Homepage" and "comment". A lot of websites using the Foswiki web application are also vulnerable to XSS.

Most educational sites (stanford.edu, uchicago.edu, mit.edu), government sites and organizations use the Foswiki web application.

PoC:
http://foswiki.org/Main/SonyStyles



About Author

is a Security Researcher and founder of E Hacking News and Break The Security. You can find him on , Twitter and Facebook.