Let's start the Happy New Year with some reflection...
Reflection as in "reflected XSS" in the latest Joomla (1.7.3 for this post).
The scenario of this attack is quite simple: the attacker must build a file with the XSS and send it to the victim.
For reflected XSS, when we are talking about admins and users, the situation could look like this:
- (mail to admin) Hi admin, this is my file.html, could it be added to my Joomla profile? (... or whatever else... ;) )
- Wait, I must check it...
(...) and this is where the admin or another user could be exploited by this reflected XSS.
What do you think: should it be public? :D
As a nice example of how devastating reflected XSS can be, I present you
a link to a PoC I found here (it is a well-known Polish portal about security and IT, enjoy!).
The Pastebin link is an example of what Aditya Modha and Samir Shah found in WordPress 3.3.
Nice work! ;)
(more -> soon... ;) )