MyBB Support

Miuna Shoutbox XSS vuln.

Submitted by Pirate, , Thread ID: 4079

Thread Closed
23-05-2015, 01:21 AM
This post was last modified: 23-05-2015, 01:24 AM by Pirate
#1
So someone was doing XSS on my copy of my Miuna Shoutbox and redirected the site to their script kiddie twitter.


I am not really scared as I already knew what he was doing it from, but I was just reporting that this is currently a vulnerable plugin

RE: Miuna Shoutbox XSS vuln.

Pulseeey
The Mandingo Man
Staff
Level:
0
Reputation:
208
Posts:
968
Likes:
159
Credits:
1.69K
23-05-2015, 01:27 AM
#2
It would be helpful if you posted how they did it, or what they targeted in the script to allow people to patch it.

RE: Miuna Shoutbox XSS vuln.

OP
23-05-2015, 01:29 AM
#3
Not sure exactly, trying to investigate atm

RE: Miuna Shoutbox XSS vuln.

DarSider
Member
Level:
0
Reputation:
13
Posts:
149
Likes:
14
Credits:
55
23-05-2015, 01:36 AM
#4
I understand how XSS are made and how to use an XSS for exploits, it's like a game for a kid.
If they succeed so you are the idiot who helped them to do that (cuz you're the owner)
If you want to correct it just send me the files of the plugin in PM
- Web Developer & Designer

Website : https://developement.design/
Skype : ef.team
Email : [email protected]

RE: Miuna Shoutbox XSS vuln.

OP
23-05-2015, 03:43 AM
#5
well I found the exploit they used thinks to pulsey
it was just html code like a meta refresh

RE: Miuna Shoutbox XSS vuln.

OP
23-05-2015, 06:51 PM
#7
23-05-2015, 05:50 PM
DarSider Wrote:
You need to fix that XSS Wink Can be dangerous

oh wow
I didn't know that

thanks for the information

Users browsing this thread: 1 Guest(s)