[CKAN-Security] XSS for multiple sites

Tyler Kennedy tk at tkte.ch
Thu Sep 14 14:59:09 UTC 2017


Don't believe it's related to this exploit, but if you take a look at the
resources on a lot of these sites there are attempted XSS attacks,

https://www.opendatani.gov.uk/dataset/gp-prescribing-data/resource/44b5267a-c2a5-4876-974c-055cd8d4a135

Notice the onclick at the end of the resource URL? If these sites have
datapusher and datastore enabled while allowing public access you can do
fun things like pulling the passwords file or having solr delete itself.

On Thu, Sep 14, 2017 at 10:20 AM, Adrià Mercader <adria.mercader at okfn.org>
wrote:

> > If you are the website owner or administrator please contact the
> researcher <https://www.openbugbounty.org/researchers/Spam404/> directly
> to get vulnerability details and proceed to coordinated disclosure.
>
> I'll try first emailing him and telling him I'm one of the maintainers and
> if that doesn't work we'll have to do it via a Link Digital / Viderum site
>
> On 14 September 2017 at 15:19, David Read <david.read at hackneyworkshop.com>
> wrote:
>
>> Adria,
>>
>> I believe you have to be the site owner to get the details.
>> *Viderum* run opendatani.gov.uk
>> *LinkDigital* run some of the Australian ones. Are any reps from them
>> on this list?
>>
>> David
>>
>> On 14 September 2017 at 14:02, Adrià Mercader <adria.mercader at okfn.org>
>> wrote:
>> > How does this site work? How can we get the details?
>> >
>> > On 14 September 2017 at 13:52, David Read <david.read at hackneyworkshop.com>
>> > wrote:
>> >>
>> >> To: CKAN Security list,
>> >>
>> >> I got alerted to this report of XSS on a number of CKAN sites:
>> >>
>> >> https://www.openbugbounty.org/reports/294186/
>> >>
>> >> I don't know the details of the specific problem, but I'm asking via
>> >> my contacts.
>> >> The CKAN versions on the list seem pretty broad and include the latest,
>> >> e.g.
>> >>
>> >> CKAN 2.2.4 https://data.england.nhs.uk/api/util/status
>> >> CKAN 2.6.2 https://www.opendatani.gov.uk/api/util/status
>> >>
>> >> David
>> >> _______________________________________________
>> >> CKAN security
>> >> https://lists.okfn.org/mailman/listinfo/security
>> >> https://lists.okfn.org/mailman/options/security/adria.mercader%40okfn.org
>> >>
>> >> Repo: https://github.com/ckan/ckan-security
>> >
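A triage script for the situation Tyler describes, added here as an example and not code from the thread or from the CKAN project: it walks results shaped like CKAN's `package_search` output and flags resource `url` and `name` fields that carry injected markup (an inline `onclick=` handler, a `javascript:` scheme, a stray HTML tag, or a quote that would break out of an `href` attribute). The package data below is constructed, the dataset and resource ids are placeholders, and the regexes are heuristics for an administrator's first pass, not a substitute for CKAN's own validation.

```python
import re
from urllib.parse import urlsplit, unquote

# Heuristics for a field that should only ever hold a plain http(s) link.
EVENT_HANDLER = re.compile(r"\bon[a-z]+\s*=", re.IGNORECASE)      # onclick=, onmouseover=, ...
HTML_TAG = re.compile(r"<\s*/?\s*(script|img|svg|iframe|body)\b", re.IGNORECASE)
DANGEROUS_SCHEMES = {"javascript", "data", "vbscript"}


def classify_url(value):
    """Return the reasons a URL/name value looks like an injected payload (empty list if clean)."""
    reasons = []
    decoded = unquote(value or "").strip()   # payloads are frequently percent-encoded
    try:
        scheme = urlsplit(decoded).scheme.lower()
    except ValueError:                       # e.g. malformed IPv6 literal
        scheme = ""
        reasons.append("unparseable")
    if scheme in DANGEROUS_SCHEMES:
        reasons.append("scheme:" + scheme)
    if EVENT_HANDLER.search(decoded):
        reasons.append("event-handler")
    if HTML_TAG.search(decoded):
        reasons.append("html-tag")
    if '"' in decoded:                       # a double quote ends an href="..." attribute
        reasons.append("quote-breakout")
    return reasons


def find_suspicious_resources(packages):
    """Flag resources whose url or name fields fail classify_url, over package_search-style dicts."""
    hits = []
    for pkg in packages:
        for res in pkg.get("resources", []):
            for field in ("url", "name"):
                reasons = classify_url(res.get(field))
                if reasons:
                    hits.append({
                        "dataset": pkg["name"],
                        "resource_id": res["id"],
                        "field": field,
                        "reasons": reasons,
                    })
    return hits


# Constructed sample mimicking the "results" list of /api/3/action/package_search.
# Dataset and resource ids are placeholders, not values from any real site.
SAMPLE_PACKAGES = [
    {"name": "example-dataset-a", "resources": [
        {"id": "res-1", "name": "Prescribing 2017",
         "url": "https://example.org/files/prescribing-2017.csv"},
        {"id": "res-2", "name": "Prescribing 2016",
         "url": 'https://example.org/files/2016.csv" onclick="alert(1)'},
    ]},
    {"name": "example-dataset-b", "resources": [
        # legitimate query string: "on=off" is not an event handler
        {"id": "res-3", "name": "notes", "url": "http://example.org/notes?on=off&id=5"},
        # same payload shape as res-2, but percent-encoded
        {"id": "res-4", "name": "export",
         "url": "https://example.org/a.csv%22%20onmouseover%3Dalert(1)"},
    ]},
]


if __name__ == "__main__":
    for hit in find_suspicious_resources(SAMPLE_PACKAGES):
        print(hit)
```

In production the `SAMPLE_PACKAGES` list would be replaced by paged calls to the site's `package_search` action; anything flagged should be reviewed by a sysadmin, since CKAN renders the resource URL into the dataset page and a stored payload there affects every visitor.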