Websecurity - Веб безпека

Next participant of the project is Yandex. It is the most popular Russian search engine.

The vulnerability is in Yandex blog search (blogs.yandex.ru) in script for getting botton for your blog. Last time about Yandex blog search I wrote in article New vulnerability at yandex.ru (hole was in ratings of the blogs and was quickly fixed after my informing). This Cross-Site Scripting hole I found 17.03.2007 and it is DOM Based Cross Site Scripting (XSS in DOM).

XSS:

• alert(document.cookie)
• redirector
• html injection

The vulnerability is in id parameter:
http://blogs.yandex.ru/getbutton/?id='}alert(document.cookie);function a(n,h,w,type){//

Moral: searching for blogs and getting buttons for blogs can be risky.

P.S.

Also I prepared others interesting holes concerned with Yandex. So wait for today’s bonus post .

This entry was posted on 18:54 07.06.2007 and is filed under MOSEB. You can follow any responses to this entry through the RSS 2.0 feed.