Product Announcements

25 Latest Articles Current Items | Archives | Search
19
DNN - Security Bulletin 47
NDD-Support posted on January 19, 2011 18:42

Failure to filter viewstate exception details can lead to reflective xss issue

Published: Jan 19, 2011

Version: 1.0

Maximum Severity Rating: Low

Background

DotNetNuke has custom error handling which both logs and displays the results of unexpected exceptions.

Issue Summary

Whilst correctly encoding the error messages to protect against cross-site scripting attacks, the error page was assuming values returned by the asp.net framework were safe. A potential hacker could generate a custom URL which contained an invalid viewstate value, composed of an XSS attack. If a user could then be fooled into clicking on that link, a reflective XSS issue would occur

Mitigating factors

Users would have to be fooled into clicking on a link that contained the invalid viewstate. In addition DotNetNuke contains a number of pieces of protection against cross-site scripting issues including the use of the HTTPOnly attribute which stops XSS code accessing users cookies.

Affected DotNetNuke versions

  • 3.0.0-5.6.0

Non-Affected Versions:

  • All other versions

Fix(s) for issue

To fix this problem, you are recommended to update to the latest version of DotNetNuke (5.6.1 at time of writing)

Acknowledgments

Richard Brain of ProCheckUp Ltd (www.procheckup.com)

Security Policy

Click here to read more details on the DotNetnuke Security Policy

Posted in: Security Bulletins
Actions:
Share |

Post Rating

Comments

There are currently no comments, be the first to post one.

Post Comment

Only registered users may post comments.