I just did an Acunetix scan on my website, and it came up with a few cross-site scripting problems on my site. My question is, what exactly is a cross-site script, and is there a way I can prevent it? Or does the problem lie within my CMS? Another weird thing: it reckons my server has the Bonjour service running, which I thought was weird because I have Linux, and didn't know Bonjour existed on that.
My Website: http://ttgale.com
My Website Uptime: http://img.uptimeprj.com/holastickbo...dee9bae2e2.png
My Server Specs: AMD Athlon X2 3800+, 2gb DDR2 RAM, 1.5TB HDD, Ubuntu 9.10
My Gaming PC: Intel Core 2 Duo 2.93ghz, 4gb DDR2 RAM, 9800GTX+
Another way is to use Firefox and start downloading some add-ons to help protect against XSS: NoScript, SafeHistory, SafeCache, Anti-Phishing Toolbar, and more. The ones mentioned will help keep data from a JS script from reflecting to another server.
As for your issue, with your own site, make sure to secure your JS files as much as possible. If you are using CMS software from a company, just hope they keep up on the vulnerabilities. Watch SecurityFocus for your specific CMS to come up with an XSS exploit (many have in the past week), and find out what is causing it. You might want to lock down parts of the CMS software, or make sure it's only used over a VPN, or LAN. Without knowing much more about the CMS software itself, I can't really help. The issue is in the code, not through an application. XSS exploits can dodge webserver logs completely, and be almost completely undetectable.
I could go on and on about XSS, but that would turn out to be a book. I will be submitting a light tutorial for 2600 on XSS (hopefully getting people to start securing browsers for such exploits), presenting an exploit at Defcon (2010), and a few exploits for Metasploit. Maybe after that, people will start coding to protect against such.
arrogance breeds ignorance
Screaming Electron, Full of BSD Goodness
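
To illustrate the point in the reply above that the issue is in the site's code, here is an added example (not part of the thread and not taken from any particular CMS) of a page template that reflects a request parameter unencoded, next to a version that encodes it for each place it lands. The function names and the search-page scenario are hypothetical.

```javascript
'use strict';

// Characters that let text break out of HTML element content or a quoted attribute.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode untrusted text for HTML element content or a quoted attribute value.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Encode untrusted data for an inline <script> block: JSON-encode it, then escape
// the characters that could close the script element or act as line terminators.
function jsonForScript(value) {
  return JSON.stringify(value)
    .replace(/</g, '\\u003c')
    .replace(/>/g, '\\u003e')
    .replace(/&/g, '\\u0026')
    .replace(/\u2028/g, '\\u2028')
    .replace(/\u2029/g, '\\u2029');
}

// BEFORE: the request parameter is pasted straight into the markup (reflected XSS).
function renderSearchVulnerable(query) {
  return '<p>Results for ' + query + '</p>';
}

// AFTER: every insertion point is encoded for the context it lands in.
function renderSearchSafe(query) {
  return '<p>Results for ' + escapeHtml(query) + '</p>' +
    '<input name="q" value="' + escapeHtml(query) + '">' +
    '<script>var lastQuery = ' + jsonForScript(query) + ';</script>';
}

// Constructed sample input: markup submitted as a search term.
const sample = '"><script>alert(1)</script>';
console.log(renderSearchVulnerable(sample)); // markup survives intact
console.log(renderSearchSafe(sample));       // markup is rendered as inert text
```

The encoder has to match the output context: HTML entity encoding is right for element content and quoted attributes, but data placed inside a script block needs the JSON-based encoder instead.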