Sohu white society cross site vulnerability

Vulnerability Details

Disclosure status ：

2010-08-02： The details have been notified to the manufacturer and are waiting for the manufacturer to process
2010-08-04： The manufacturer has confirmed , The details are only disclosed to the manufacturer
2010-08-14： The details are disclosed to the core white hat and experts in related fields
2010-08-24： The details are open to ordinary white hats
2010-09-03： The details are disclosed to the white hat
2010-09-06： The details are made public

A brief description ：

sohu White society cross site vulnerability

Detailed instructions ：

sohu There are cross site vulnerabilities in the white society sharing function , The page only verifies the URL entered by the user on the client , Data can be submitted through tools to bypass . Formed XSS May lead to CSRF

Vulnerability to prove ：

If the shared URL Submitted as ‘javascript:alert(/xss/)’ It will lead to cross station . Form the following ：
<iframe id="j-shareFrame" frameborder="0" scrolling="yes" src="javascript:alert(/xss/)" style="overflow-y: auto; overflow-x: hidden; height: 296px; ">
</iframe>
javascript:sohu.feed.FreshHome.addFriend('123456789',this,true)

Repair plan ：

Strictly verify user input on the server

Copyright notice ： Please quote source for reprint  xti9er@ Dark clouds