WoltLab Burning Board Lite Form Mail Script Cross-Site Scripting Vulnerability
BID:12199
Info
WoltLab Burning Board Lite Form Mail Script Cross-Site Scripting Vulnerability
| Bugtraq ID: | 12199 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 08 2005 12:00AM |
| Updated: | Jan 08 2005 12:00AM |
| Credit: | Discovery is credited to drhankey. |
| Vulnerable: |
Woltlab Burning Board Lite 1.0.1 e Woltlab Burning Board Lite 1.0 .0 |
| Not Vulnerable: | |
Discussion
WoltLab Burning Board Lite Form Mail Script Cross-Site Scripting Vulnerability
WoltLab Burning Board Lite is prone to a cross-site scripting vulnerability. The cause of the vulnerability is that user-supplied data in the form of HTML and script code is not sufficiently sanitized before being output in dynamically generated Web pages.
An attacker could exploit this issue by enticing a Web user into following a malicious link that contains hostile HTML and script code. This may allow for theft of cookie-based authentication credentials or other attacks.
WoltLab Burning Board Lite is prone to a cross-site scripting vulnerability. The cause of the vulnerability is that user-supplied data in the form of HTML and script code is not sufficiently sanitized before being output in dynamically generated Web pages.
An attacker could exploit this issue by enticing a Web user into following a malicious link that contains hostile HTML and script code. This may allow for theft of cookie-based authentication credentials or other attacks.
Exploit / POC
WoltLab Burning Board Lite Form Mail Script Cross-Site Scripting Vulnerability
The following example was provided:
http://www.example.com/board/formmail.php?userid=1"><script>document.location.href="http://www.it-security23.net";</script x="y
The following example was provided:
http://www.example.com/board/formmail.php?userid=1"><script>document.location.href="http://www.it-security23.net";</script x="y
Solution / Fix
WoltLab Burning Board Lite Form Mail Script Cross-Site Scripting Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
WoltLab Burning Board Lite Form Mail Script Cross-Site Scripting Vulnerability
References:
References:
- CityForFree Product Page (CityForFree)
- Security Advisory: Woltlab Burning Board Lite formmail.php XSS (Martin Heistermann
)