Miuna Shoutbox XSS vuln.

Pirate · 23-05-2015, 01:21 AM

So someone was doing XSS on my copy of my Miuna Shoutbox and redirected the site to their script kiddie twitter.

I am not really scared as I already knew what he was doing it from, but I was just reporting that this is currently a vulnerable plugin

Pulseeey · 23-05-2015, 01:27 AM

It would be helpful if you posted how they did it, or what they targeted in the script to allow people to patch it.

Pirate · 23-05-2015, 01:29 AM

Not sure exactly, trying to investigate atm

DarSider · 23-05-2015, 01:36 AM

I understand how XSS are made and how to use an XSS for exploits, it's like a game for a kid.
If they succeed so you are the idiot who helped them to do that (cuz you're the owner)
If you want to correct it just send me the files of the plugin in PM

Pirate · 23-05-2015, 03:43 AM

well I found the exploit they used thinks to pulsey
it was just html code like a meta refresh

DarSider · 23-05-2015, 05:50 PM

You need to fix that XSS Wink

Can be dangerous

Pirate · 23-05-2015, 06:51 PM

23-05-2015, 05:50 PM
DarSider Wrote: You need to fix that XSS Can be dangerous

oh wow
I didn't know that

thanks for the information

Miuna Shoutbox XSS vuln.

Submitted by Pirate, 23-05-2015, 01:21 AM, Thread ID: 4079

RE: Miuna Shoutbox XSS vuln.

RE: Miuna Shoutbox XSS vuln.

RE: Miuna Shoutbox XSS vuln.

RE: Miuna Shoutbox XSS vuln.

RE: Miuna Shoutbox XSS vuln.

RE: Miuna Shoutbox XSS vuln.