|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Daniel Nyström (exce
netwinder.nu)Date: Fri Apr 19 2002 - 01:48:24 CDT
Telhack 026 Inc. Security Advisory - #2
_________________________________________
Name: IcrediBB 1.1 (iBB Beta 1.1)
Impact: Medium (Cross Site Scripting)
Date: April 19 / 2002
_________________________________________
Daniel Nyström <excenetwinder.nu>
_I N F O_
IcrediBB is a web BB. PHP powered, MySQL backend. Quick as well as
easy on the server's resources. Vendor has been notified of all issues
discussed.
vendor is at: http://www.icredibb.com , and the package used for
experimentation
was icredi1-1.tar.gz found at http://www.sourceforge.net -> icredibb .
_P R O B L E M_
A Cross Site Scripting has been found due to insufficient checking of user
input
in both thread title and body. Therefore a user may post a message
containing
hostile javascript for example.
_I M P A C T_
Medium, as stealing of cookies is possible and probably you can mess up alot
of
things in MSIE * with evil javascript.
_E X P L O I T I N G_
Post a message containing:
<script>alert('Cross Site Scripting possible');</script>
in either the subject line or the message body. When users view the
forum(subject vuln)
or the post(body vuln) the javascript will be executed.
_F I X E S_
This vulnerability exist because of improper checking of user input. Suggest
vendor filter
out bad HTML and release new vesion.
/Daniel Nyström a.k.a. excE Telhack 026 Inc.
http://excelsi0r.darktech.org
http://www.telhack.com
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]