BID:17529

LifeType Index.PHP Cross-Site Scripting Vulnerability

Info

LifeType Index.PHP Cross-Site Scripting Vulnerability

Bugtraq ID:	17529
Class:	Input Validation Error
CVE:	CVE-2006-1808
Remote:	Yes
Local:	No
Published:	Apr 13 2006 12:00AM
Updated:	Mar 31 2008 10:49PM
Credit:	Rusydi Hasan M is credited with the discovery of this vulnerability.
Vulnerable:	LifeType LifeType 1.0.3

Not Vulnerable:	LifeType LifeType 1.0.4

Discussion

LifeType Index.PHP Cross-Site Scripting Vulnerability

LifeType is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

Exploit / POC

LifeType Index.PHP Cross-Site Scripting Vulnerability

This issue can be exploited through a web client.

An example URI has been provided:

http://www.example.com/[lifetype_dir]/index.php?op=Template&blogId=1&show=[XSS_here]

Solution / Fix

LifeType Index.PHP Cross-Site Scripting Vulnerability

Solution:
LifeType 1.0.4 has been released to address this issue. Please see the references for more information.

References

LifeType Index.PHP Cross-Site Scripting Vulnerability

References:

LifeType Home Page (LifeType)
Vulnerabilities in lifetype ([email protected])