ReviewBoard Commenting System Cross Site Scripting Vulnerability
BID:50681
Info
ReviewBoard Commenting System Cross Site Scripting Vulnerability
| Bugtraq ID: | 50681 |
| Class: | Input Validation Error |
| CVE: |
CVE-2011-4312 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 15 2011 12:00AM |
| Updated: | Apr 13 2015 10:24PM |
| Credit: | Jan Lieskovsky |
| Vulnerable: |
Review Board Review Board 1.6.3 Review Board Review Board 1.5.7 |
| Not Vulnerable: | |
Discussion
ReviewBoard Commenting System Cross Site Scripting Vulnerability
ReviewBoard is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
ReviewBoard is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Exploit / POC
ReviewBoard Commenting System Cross Site Scripting Vulnerability
To exploit this issue, an attacker must entice an unsuspecting user to follow a malicious URI.
To exploit this issue, an attacker must entice an unsuspecting user to follow a malicious URI.
Solution / Fix
ReviewBoard Commenting System Cross Site Scripting Vulnerability
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
ReviewBoard Commenting System Cross Site Scripting Vulnerability
References:
References:
- Reviewboard Homepage (Reviewboard)
- Bug 754126 - ReviewBoard: XSS in the commenting system (diff viewer and screensh (Jan Lieskovsky )
- New Review Board Security Releases: 1.5.7 and 1.6.3 (Review Board)
- Review Board 1.6.3 Release Notes (Review Board)