Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Advisory from Netsparker - vulnerability in Sharre (2.0.1) Social Sharing Plugin #306

Open
DanielBishtawi opened this issue Jan 15, 2018 · 4 comments
Open

Advisory from Netsparker - vulnerability in Sharre (2.0.1) Social Sharing Plugin #306

DanielBishtawi opened this issue Jan 15, 2018 · 4 comments

Comments

@DanielBishtawi
Copy link

Hello,

While testing the Netsparker web application security scanner we identified a vulnerability in Sharre (2.0.1).

Can you please advise whom shall we contact to disclose the vulnerability details so it can be fixed?

Please email me: daniel (at) netsparker (dot) com

Looking forward to hearing from you.

Regards,

Daniel Bishtawi
@justageek
Copy link

We are patching the script ourselves so it sanitizes script tags passed in via the URL. Is that the issue?

@makmour
Copy link

makmour commented Feb 14, 2019

Hi @DanielBishtawi. Did you receive any reply?

@DanielBishtawi
Copy link
Author

@makmour We received a reply by the vendor stopped responding.

The technical details can be found here: https://www.netsparker.com/web-applications-advisories/ns-18-041-dom-cross-site-scripting-in-sharrre/

@makmour
Copy link

makmour commented Feb 14, 2019

Thanks for your fast reply @DanielBishtawi.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@justageek @makmour @DanielBishtawi