SMF Image File HTML Injection Vulnerability
BID:21431
| Bugtraq ID: | 21431 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 04 2006 12:00AM |
| Updated: | Dec 04 2006 10:34PM |
| Credit: | Jessica Hope and rotwang are credited with the discovery of this vulnerability. |
| Vulnerable: | Simple Machines SMF 1.1 rc3; Simple Machines SMF 1.1 rc2; Simple Machines SMF 1.1 rc1; Simple Machines SMF 1.1 final; Simple Machines SMF 1.0.9; Simple Machines SMF 1.0.8; Simple Machines SMF 1.0.7; Simple Machines SMF 1.0.6; Simple Machines SMF 1.0.5; Simple Machines SMF 1.0.4; Simple Machines SMF 1.0.2; Simple Machines SMF 1.0 -beta5p; Simple Machines SMF 1.0 -beta4p; Simple Machines SMF 1.0 -beta4.1 |
| Not Vulnerable: | |
Discussion
SMF is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content.
Attacker-supplied HTML and script code would execute in the context of the affected website, potentially allowing an attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user; other attacks are also possible.
Note that this vulnerability may be triggered only in the Internet Explorer browser.
SMF version 1.1 is vulnerable to this issue.
Exploit / POC
Attackers can exploit this issue via a web client.