Vigil@nce - Drupal: inserting text/links in comments
September 2013 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can create a comment using a hidden CSS selector, for
example to add a link pointing from the Drupal site to the
attacker's own site.
– Impacted products: Drupal Core
– Severity: 2/4
– Creation date: 05/09/2013
DESCRIPTION OF THE VULNERABILITY
The Drupal service allows the use of CSS selectors in
partial-HTML text.
However, by design, these selectors can be used to hide a text
area.
An attacker can therefore create a comment using a hidden CSS
selector, for example to add a link pointing from the Drupal site
to the attacker's own site. The attacker's web site thereby gains
a better ranking in search engines.
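The following Python audit is an added example, not part of the bulletin or of Drupal's code: it lists links in a stored comment body that sit inside an element carrying a class the site's stylesheets hide, so a moderator can review them. The class name "site-hidden", the function and class names, and the sample comments are assumptions; the bulletin names no specific selector.

```python
from html.parser import HTMLParser

# Assumption: "site-hidden" is a placeholder; list the class names that your
# theme's stylesheets actually hide (the bulletin names no specific selector).
HIDING_CLASSES = {"site-hidden"}
VOID_TAGS = {"br", "img", "hr", "input", "wbr", "col", "area", "embed", "source"}

class HiddenLinkAuditor(HTMLParser):
    # Collects links that sit inside (or on) an element carrying a hiding class.
    def __init__(self, hiding_classes=HIDING_CLASSES):
        super().__init__(convert_charrefs=True)
        self.hiding = {c.lower() for c in hiding_classes}
        self.stack = []     # (tag, hiding class or None) per open element
        self.findings = []  # (href, class that hides the link)

    def _hiding_class(self, attrs):
        classes = (dict(attrs).get("class") or "").lower().split()
        return next((c for c in classes if c in self.hiding), None)

    def handle_starttag(self, tag, attrs):
        hit = self._hiding_class(attrs)
        inherited = next((h for _, h in reversed(self.stack) if h), None)
        href = dict(attrs).get("href")
        if tag == "a" and href and (hit or inherited):
            self.findings.append((href, hit or inherited))
        if tag not in VOID_TAGS:
            self.stack.append((tag, hit))

    def handle_endtag(self, tag):
        # Tolerate sloppy markup: unwind to the nearest matching open tag.
        for i in range(len(self.stack) - 1, -1, -1):
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break

def find_hidden_links(comment_html, hiding_classes=HIDING_CLASSES):
    auditor = HiddenLinkAuditor(hiding_classes)
    auditor.feed(comment_html)
    auditor.close()
    return auditor.findings

# Constructed sample comment bodies (not taken from a real site).
SAMPLES = {
    "visible": '<p>See <a href="http://example.org/ref">this</a>.</p>',
    "hidden": '<div class="note Site-Hidden"><p><a href="http://spam.example/">x</a></p></div>',
}
if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(name, find_hidden_links(body))
```

The check only sees class names listed in HIDING_CLASSES, so the set has to be kept in step with the theme's CSS.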
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Drupal-inserting-text-links-in-comments-13350