EZBoard Font Tag HTML Injection Vulnerability
BID:9725
Info
EZBoard Font Tag HTML Injection Vulnerability
| Bugtraq ID: | 9725 |
| Class: | Input Validation Error |
| CVE: |
CVE-2004-0319 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 23 2004 12:00AM |
| Updated: | Jul 12 2009 03:06AM |
| Credit: | Discovery of this vulnerability has been credited to Cheng Peng Su <[email protected]>. |
| Vulnerable: |
ezboard ezboard 7.3 u |
| Not Vulnerable: | |
Discussion
EZBoard Font Tag HTML Injection Vulnerability
ezboard is prone to an HTML injection vulnerability. An attacker may exploit this issue by including hostile HTML and script code encapsulated in [font] tags of posts to the bulletin board. This code may be rendered in the web browser of a user who views these areas of the site. This would occur in the security context of the site hosting ezboard.
ezboard is prone to an HTML injection vulnerability. An attacker may exploit this issue by including hostile HTML and script code encapsulated in [font] tags of posts to the bulletin board. This code may be rendered in the web browser of a user who views these areas of the site. This would occur in the security context of the site hosting ezboard.
Exploit / POC
EZBoard Font Tag HTML Injection Vulnerability
The following proof of concept has been supplied:
[font color=red;background:url(javascript:alert(document.cookie))]Big Exploit![/font]
[font face=Verdana;background:url(javascript:alert(document.cookie))]Big Exploit![/font]
The following proof of concept has been supplied:
[font color=red;background:url(javascript:alert(document.cookie))]Big Exploit![/font]
[font face=Verdana;background:url(javascript:alert(document.cookie))]Big Exploit![/font]
Solution / Fix
EZBoard Font Tag HTML Injection Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
EZBoard Font Tag HTML Injection Vulnerability
References:
References:
- Ezboard Homepage (Ezboard)
- ezBoard Cross Site Scripting Vulnerability (Cheng Peng Su