Pentesting and IT Security Blog

Our passion for testing and defending infrastructures, applications and companies often leads us to the point where we want to share our thoughts and experience with the world. Here you can read all about our exploits and research and enjoy our posts, from useful howtos, to published CVEs, management strategies, new exciting tools and much more. As a provider of offensive and defensive IT services, we always welcome readers to reach out to us and ask questions or provide feedback, be it about our blog or our services, which include web-application and network penetration tests, system defense and hardening and management consulting, among others.

CVE-2015-5077 – XSS in BlueSpice Wiki

Thu Jul 09, 2015 category

CVE & Disclosures
tags

Vulnerability CVE Disclosure

Overview A stored XSS vulnerabily was discovered in the ShoutBox module of the enterprise application "BlueSpice Wiki". Title BlueSpice Shoutbox – Stored Cross-Site Scripting Product BlueSpice for MediaWiki Plugin: ShoutBox Vulnerable version 2.23.1 Fixed version 2.23.1.1 Vendor...

Security Howto Sicherheit Awareness Pentesting Encryption Vulnerability Crypto Debian Ubuntu Linux Client Logdaten Data Privacy Logging TLS Endnutzer News SSL SSH Updates Internet Social Engineering Web Audits Access XSS Datenschutz Content-Security-Policy DSGVO Whitepaper Verschlüsselung Passwörter HTTP-Header Videospiele Ransomware Cryptotrojaner Pentest Sicherheitstest OSINT GDPR Recon Footprint Anonymisierung Betrug Penetrationstest Boardingpass CSP STARTTLS Disclosure Risk Monetary Damage Bad Practice Password Web Development Tricks Steam Leak Cache Mail Meetup Android Community Vulnerability Assessment Development Physical Security Ethernet Sniffing Wiretap Hardening CVE Certificate Trust Passwortmanager

Pentesting and IT Security Blog

CVE-2015-5077 – XSS in BlueSpice Wiki

Follow us

Newsletter

Categories

Tags