This could become a massive vulnerability, since many sites and blogs out there allow users to post images in their articles' comments. In my small research, I found out that we could launch HTML injection, XSS and even CSRF attacks against sites that are vulnerable to this. Here is the PoC:
<img src="http://zoiz.web.id/fotoku.jpg" width="10" height="10" onerror="window.location.href='http://zoiz.web.id';">
The method is the same as my Pop Up Method: it triggers JavaScript inside the image error handler, hence it bypasses the JavaScript filter. This applies to sites that allow users to post images in their comments.




Only for testing.
It didn’t work. Hooray for WordPress!!!!
I don’t really understand zoiz, do you have any basic sql tutorial ? :d
@stu : sqli tutorial ? why dont u browse around websecurity.ro/blog ?
or lifedork.com maybe? hahahaha
First time I learned SQL is from w3schools.com
hehehe
Cool om zoiz…. xixixixxii.
i just want to learn from you.
My Herooo…… ^:)^
@test pop
Filtered sir! Try it on other CMS, wordpress is not vulnerable to this though
[...] February 16, 2008 — Massive HTML Injection Vulnerability (10) [...]