Topic: Cross Site Scripting | BulletProof Security Forum

Cross Site Scripting

Tagged: Cross Site Scripting

This topic has 1 reply, 1 voice, and was last updated 11 years, 1 month ago by AITpro Admin.

Viewing 2 posts - 1 through 2 (of 2 total)

Author

Posts
March 19, 2013 at 11:06 am #3215
AITpro Admin
Keymaster

Email Question:

hi there, I am struggling with something, I run BPS on my website, but found that someone got through. See below :-

Cross Site Scripting
URL: http: //new.example.com/portfolios/media/?cpt_item=liberty-professionals
Affected Parameter: yit_contact[email]
Vector Used: “>
Pattern found: “>
Complete Attack:

http: //new.example.com/portfolios/media?cpt_item=liberty-professionals [yit_contact[name]= &yit_contact[email]="> &yit_contact[message]= &yit_bot= &yit_action=sendemail &yit_referer=http: //new.example.com/portfolios/media/?cpt_item=liberty-professionals &id_form=228 &yit_sendemail=Say Hello]

I would like to have the htaccess filter out < > characters and stop cross browser, is this something PRO would bet better at?? Thanks.
March 19, 2013 at 11:08 am #3216
AITpro Admin
Keymaster

I ran some tests and BPS did block this attack string successfully. There are several security filters in BPS that block the angle brackets.

>>>>>>>>>>> 403 GET or Other Request Error Logged - March 19, 2013 - 9:42 am <<<<<<<<<<< REMOTE_ADDR: 108.213.94.121 Host Name: xxxxx HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /aitpro-blog/?src=liberty-professionals%20yit_contactname=%20&yit_contactemail=%22%3E QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.172 Safari/537.22 AlexaToolbar/alxg-3.1
Author

Posts

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.

BulletProof Security Forum

Cross Site Scripting

Search Forums

Topic Tags