vBulletin vBShop Module Multiple HTML Injection Vulnerabilities

Bugtraq ID:	52729
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Mar 27 2012 12:00AM
Updated:	Mar 27 2012 12:00AM
Credit:	Reported by the vendor and ToiL
Vulnerable:	DragonByte Technologies vBshop 2.1 DragonByte Technologies vBshop 2.0
Not Vulnerable:	DragonByte Technologies vBshop 2.2.3

vBulletin vBShop Module Multiple HTML Injection Vulnerabilities

vBShop module is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content.

Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible.

vBShop versions prior to 2.2.3 are vulnerable.

vBulletin vBShop Module Multiple HTML Injection Vulnerabilities

Attackers can use a browser to exploit these issues.

vBulletin vBShop Module Multiple HTML Injection Vulnerabilities

Solution:
Updates are available. Please see the references for details.

vBulletin vBShop Module Multiple HTML Injection Vulnerabilities

References:

• vBshop Homepage (DragonByte Technologies)
  
• vBshop persistent XSS 0day (ToiL)
  
• vBShop v2.2.3 (Security Release) (DragonByte Technologies)