Vulnerability in the OptinMonster WordPress plugin allowing JavaScript code substitution

A vulnerability (CVE-2021-39341) has been identified in the OptinMonster WordPress add-on, which has more than a million installations and is used to display pop-up notifications and offers; it allows an attacker to place their own JavaScript code on sites that use the add-on. The vulnerability was fixed in release 2.6.5. To block access via keys captured before the update was installed, the OptinMonster developers revoked all previously created API access keys and added restrictions on using WordPress site keys to modify OptinMonster campaigns.

The problem stems from the REST API endpoint /wp-json/omapp/v1/support, which can be accessed without authentication: the request is processed without further checks if the Referer header contains the string "https://wp.app.optinmonster.test" and the HTTP request method is set to "OPTIONS" (which can be overridden via the "X-HTTP-Method-Override" HTTP header). The data returned by this REST API endpoint includes an access key that allows requests to be sent to any REST API handler.
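
Detecting this access pattern in web server logs, as an added example that is not from the original article or from OptinMonster: it parses combined-format access log lines and flags requests to the support route whose Referer carries the bypass string or whose method is OPTIONS. The log lines, IP addresses and timestamps are constructed for the example; the route and Referer value are the ones the advisory names.

```python
import re
from collections import namedtuple
from urllib.parse import urlsplit, parse_qs

# Apache/nginx "combined" format: client ident user [time] "METHOD target proto" status size "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "[^"]*"$'
)
SUPPORT_ROUTE = "/omapp/v1/support"                  # REST route named in the advisory
BYPASS_REFERER = "https://wp.app.optinmonster.test"  # Referer value that skipped the checks

Finding = namedtuple("Finding", "ip time reason")

def rest_route(target):
    """REST route for a request target: handles /wp-json/<route> and the
    WordPress fallback /?rest_route=<route>; None if it is not a REST call."""
    parts = urlsplit(target)
    if parts.path.startswith("/wp-json/"):
        return "/" + parts.path[len("/wp-json/"):].rstrip("/")
    routes = parse_qs(parts.query).get("rest_route")
    return routes[0].rstrip("/") if routes else None

def scan_line(line):
    m = LOG_RE.match(line)
    if not m or rest_route(m.group("target")) != SUPPORT_ROUTE:
        return None
    reasons = []
    if BYPASS_REFERER in m.group("referer"):
        reasons.append("Referer carries the authentication-bypass string")
    if m.group("method") == "OPTIONS":
        reasons.append("OPTIONS request to the support endpoint")
    # X-HTTP-Method-Override is not written to combined-format logs, so a GET/POST
    # overridden to OPTIONS is only visible here through the Referer signal.
    return Finding(m.group("ip"), m.group("time"), "; ".join(reasons)) if reasons else None

def scan(lines):
    return [f for f in map(scan_line, lines) if f is not None]

# Constructed sample lines, not real traffic; 203.0.113.0/24 is a documentation range.
SAMPLE_LOG = [
    '203.0.113.5 - - [12/Oct/2021:10:01:02 +0000] "GET /about/ HTTP/1.1" 200 5120 "https://example.com/" "Mozilla/5.0"',
    '203.0.113.7 - - [12/Oct/2021:10:01:09 +0000] "GET /wp-json/omapp/v1/support HTTP/1.1" 200 812 "https://wp.app.optinmonster.test" "curl/7.79.1"',
    '203.0.113.9 - - [12/Oct/2021:10:02:31 +0000] "OPTIONS /wp-json/omapp/v1/support HTTP/1.1" 200 812 "-" "Mozilla/5.0"',
    '203.0.113.11 - - [12/Oct/2021:10:03:44 +0000] "GET /?rest_route=/omapp/v1/support HTTP/1.1" 200 812 "https://wp.app.optinmonster.test" "python-requests/2.26"',
    '203.0.113.13 - - [12/Oct/2021:10:04:00 +0000] "GET /wp-json/wp/v2/posts HTTP/1.1" 200 9001 "https://wp.app.optinmonster.test" "Mozilla/5.0"',
]
```

On an unpatched site a 200 response to a flagged request means the support endpoint handed out an access key, so any campaign changes after that timestamp deserve review.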

Using the obtained key, an attacker can modify any pop-up block displayed via OptinMonster, including configuring it to execute their own JavaScript code. Once able to execute JavaScript in the context of the site, the attacker can redirect users to their own site or arrange for a privileged account in the web interface to be substituted when the site administrator loads the substituted JavaScript code. With access to the web interface, the attacker can execute their own PHP code on the server.

Source: opennet.ru