TYPO3 WEC Discussion Forum Security Bypass and Multiple Cross Site Scripting Vulnerabilities
BID:30026
Info
TYPO3 WEC Discussion Forum Security Bypass and Multiple Cross Site Scripting Vulnerabilities
| Bugtraq ID: | 30026 |
| Class: | Input Validation Error |
| CVE: |
CVE-2008-3043 CVE-2008-3029 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 01 2008 12:00AM |
| Updated: | Jul 05 2016 09:38PM |
| Credit: | Markus Angerer |
| Vulnerable: |
Typo3 WEC Discussion Forum 1.6.2 Typo3 WEC Discussion Forum 1.6 |
| Not Vulnerable: |
Typo3 WEC Discussion Forum 1.6.3 |
Discussion
TYPO3 WEC Discussion Forum Security Bypass and Multiple Cross Site Scripting Vulnerabilities
WEC Discussion Forum is prone to a security-bypass issue and multiple cross-site scripting issues because it fails to sufficiently sanitize user-supplied data.
An attacker may exploit the security-bypass vulnerability to upload arbitrary files and execute script code in the context of the webserver process.
The attacker may also leverage the cross-site scripting issues to execute script code in an unsuspecting user's browser or to steal cookie-based authentication credentials; other attacks are also possible.
These issues affect versions prior to WEC Discussion Forum 1.6.3.
WEC Discussion Forum is prone to a security-bypass issue and multiple cross-site scripting issues because it fails to sufficiently sanitize user-supplied data.
An attacker may exploit the security-bypass vulnerability to upload arbitrary files and execute script code in the context of the webserver process.
The attacker may also leverage the cross-site scripting issues to execute script code in an unsuspecting user's browser or to steal cookie-based authentication credentials; other attacks are also possible.
These issues affect versions prior to WEC Discussion Forum 1.6.3.
Exploit / POC
TYPO3 WEC Discussion Forum Security Bypass and Multiple Cross Site Scripting Vulnerabilities
An attacker can exploit these issues via a browser. To exploit a cross-site scripting issue, the attacker must entice an unsuspecting victim into following a malicious URI.
An attacker can exploit these issues via a browser. To exploit a cross-site scripting issue, the attacker must entice an unsuspecting victim into following a malicious URI.
Solution / Fix
TYPO3 WEC Discussion Forum Security Bypass and Multiple Cross Site Scripting Vulnerabilities
Solution:
The vendor has released an update. Please see the references for more information.
Solution:
The vendor has released an update. Please see the references for more information.
References
TYPO3 WEC Discussion Forum Security Bypass and Multiple Cross Site Scripting Vulnerabilities
References:
References:
- Synnefoims Homepage (synnefoims)
- WEC Discussion Forum Homepage (TYPO3)
- TYPO3 Security Bulletin TYPO3-20080701-4 (TYPO3)