VBulletin Admin Control Panel Index.PHP Multiple Cross-Site Scripting Vulnerabilities

Bugtraq ID:	21157
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Nov 17 2006 12:00AM
Updated:	Nov 29 2006 10:34PM
Credit:	insanity is credited with the discovery of these vulnerabilities.
Vulnerable:	VBulletin VBulletin 3.6.3 VBulletin VBulletin 3.6.2 VBulletin VBulletin 3.6.1 VBulletin VBulletin 3.6
Not Vulnerable:	VBulletin VBulletin 3.6.4

VBulletin Admin Control Panel Index.PHP Multiple Cross-Site Scripting Vulnerabilities

vBulletin is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data.

An attacker could exploit this vulnerability to have arbitrary script code execute in the context of the affected site. This may allow an attacker to steal cookie-based authentication credentials and to launch other attacks.

Versions 3.6.0 to 3.6.3 are vulnerable; other versions may also be affected.

VBulletin Admin Control Panel Index.PHP Multiple Cross-Site Scripting Vulnerabilities

An attacker can exploit this issue by enticing a victim to follow a malicious URI.

The following proof-of-concept URIs are available:

• /data/vulnerabilities/exploits/21157.html

VBulletin Admin Control Panel Index.PHP Multiple Cross-Site Scripting Vulnerabilities

Solution:
The vendor has released version 3.6.4 to address this issue; please contact the vendor for product updates.

VBulletin Admin Control Panel Index.PHP Multiple Cross-Site Scripting Vulnerabilities

References:

• vBulletin Homepage (vBulletin)
  
• XSS vBulletin 3.6.X Admin Control Painel (insanity)