Built2Go News Manager Blog Multiple Cross-Site Scripting Vulnerabilities
BID:22783
Info
| Bugtraq ID: | 22783 |
| Class: | Input Validation Error |
| CVE: | CVE-2007-1248 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 01 2007 12:00AM |
| Updated: | May 12 2015 07:34PM |
| Credit: | the_Edit0r is credited with the discovery of these vulnerabilities. |
| Vulnerable: | built2go News Manager Blog 1.0.2, built2go News Manager Blog 1.0 |
| Not Vulnerable: | built2go News Manager Blog 1.0.3 |
Discussion
Built2Go News Manager Blog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
These issues affect versions prior to 1.0.3.
Exploit / POC
Attackers can exploit these issues by enticing an unsuspecting user to follow a malicious URI.
The following proof-of-concept URIs are available:
http://www.example.com/[path]/news.php?cid=[Xss-Script]
http://www.example.com/[path]/news.php?uid=[Xss-Script]
http://www.example.com/[path]/news.php?nid=[Xss-Script]
http://www.example.com/[path]/rating.php?nid=[Xss-Script]
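Spotting probes against these parameters in web-server access logs, as an added example that is not part of the advisory or of the Built2Go product: it assumes the combined log format, an install under /blog/, and that cid, uid and nid are numeric record IDs, so any decoded value that is not a plain integer is reported.

```python
"""Flag requests to the Built2Go News Manager Blog scripts named in BID 22783
whose ID parameters carry anything other than a plain integer."""
import re
from urllib.parse import parse_qsl, urlsplit

# Scripts and parameters named in the advisory.
WATCHED = {"news.php": {"cid", "uid", "nid"}, "rating.php": {"nid"}}
# Assumption: cid/uid/nid are numeric record IDs, so non-digit content is suspect.
NUMERIC_ID = re.compile(r"^\d{1,10}$")
# Combined log format: client ident user [timestamp] "METHOD target HTTP/x.y" status
LOG_LINE = re.compile(r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] '
                      r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" \d{3}')

def script_name(target):
    """Basename of the request path, e.g. '/blog/news.php?nid=1' -> 'news.php'."""
    return urlsplit(target).path.rsplit("/", 1)[-1]

def suspicious_params(target):
    """Return {param: decoded value} for watched parameters on a watched script
    whose value is not a plain integer; {} if the request is not of interest."""
    watched = WATCHED.get(script_name(target))
    if not watched:
        return {}
    # parse_qsl percent-decodes values, so encoded markup is compared in clear.
    return {name: value
            for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True)
            if name in watched and not NUMERIC_ID.match(value)}

def scan_log(lines):
    """Return (client, script, {param: value}) for each suspicious request."""
    hits = []
    for line in lines:
        m = LOG_LINE.match(line)
        if m and (bad := suspicious_params(m["target"])):
            hits.append((m["client"], script_name(m["target"]), bad))
    return hits

# Constructed sample log lines (not taken from any real server).
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Mar/2007:10:00:01 +0000] "GET /blog/news.php?nid=42 HTTP/1.1" 200 1834',
    '203.0.113.7 - - [01/Mar/2007:10:00:02 +0000] "GET /blog/news.php?cid=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 1920',
    '203.0.113.9 - - [01/Mar/2007:10:00:03 +0000] "GET /blog/rating.php?nid=7%3Cb%3Ex%3C/b%3E HTTP/1.1" 200 510',
    '203.0.113.9 - - [01/Mar/2007:10:00:04 +0000] "GET /blog/index.php?page=%3Cb%3E HTTP/1.1" 200 300',
]

if __name__ == "__main__":
    for client, script, bad in scan_log(SAMPLE_LOG):
        print(client, script, bad)
```

The same integer-only rule is the server-side fix for these parameters: cast the ID before use and HTML-encode anything echoed back.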
Solution / Fix
Solution:
The vendor released an update to address these issues. Please see the references for more information.
References