Advisory from Netsparker - vulnerability in Sharre (2.0.1) Social Sharing Plugin

[DanielBishtawi]

Hello,

While testing the Netsparker web application security scanner we identified a vulnerability in Sharre (2.0.1).

Can you please advise whom shall we contact to disclose the vulnerability details so it can be fixed?

Please email me: daniel (at) netsparker (dot) com

Looking forward to hearing from you.

Regards,

Daniel Bishtawi

[justageek]

We are patching the script ourselves so it sanitizes script tags passed in via the URL. Is that the issue?

[makmour]

Hi @DanielBishtawi. Did you receive any reply?

[DanielBishtawi]

@makmour We received a reply by the vendor stopped responding.

The technical details can be found here: https://www.netsparker.com/web-applications-advisories/ns-18-041-dom-cross-site-scripting-in-sharrre/

[makmour]

Thanks for your fast reply @DanielBishtawi.