Cross-site Scripting (XSS) vulnerability in AjaxUploader

  •  02-09-2009, 12:22 PM

    Cross-site Scripting (XSS) vulnerability in AjaxUploader

    our enterprise security scanner reported a cross-site scripting vulnerability for the AjaxUploader.  What it was able to do was modify the UploadOK() handler script to include a textarea and more scripting:
     
    <script type='text/javascript'>if(window.parent.CurrentUpload)window.parent.CurrentUpload.UploadOK('""'></SCRIPT></TITLE></TEXTAREA>'""></XSS/*-*/STYLE=xss:e/**/xpression(try{a=firstTime}catch(e){firstTime=1;alert(2431)})>','95c88ae3-3f1a-447e-af75-71f8c9c8cb46')</script>
     
    Could you tell me how I could address this vulnerability?  I have Microsoft's AntiXss library, which includes a JavaScriptEncode() method which can be called on the server side, but I don't know how to access the script in question.
     
    thanks,
     
    Pete
View Complete Thread