JelSoft VBulletin Private.PHP Cross-Site Scripting Vulnerability
BID:9940
Info
JelSoft VBulletin Private.PHP Cross-Site Scripting Vulnerability
| Bugtraq ID: | 9940 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 22 2004 12:00AM |
| Updated: | Mar 22 2004 12:00AM |
| Credit: | Disclosure of this issue is credited to JeiAr <[email protected]>. |
| Vulnerable: |
Jelsoft vBulletin 2.3.4 Jelsoft vBulletin 2.3.3 Jelsoft vBulletin 2.3 Jelsoft vBulletin 2.2.9 can Jelsoft vBulletin 2.2.8 Jelsoft vBulletin 2.2.7 Jelsoft vBulletin 2.2.6 Jelsoft vBulletin 2.2.5 Jelsoft vBulletin 2.2.4 Jelsoft vBulletin 2.2.3 Jelsoft vBulletin 2.2.2 Jelsoft vBulletin 2.2.1 Jelsoft vBulletin 2.2 .0 Jelsoft vBulletin 2.0.2 Jelsoft vBulletin 2.0.1 Jelsoft vBulletin 2.0 beta 3 Jelsoft vBulletin 2.0 beta 2 Jelsoft vBulletin 2.0 |
| Not Vulnerable: |
Jelsoft vBulletin 3.0 .0 can4 Jelsoft vBulletin 3.0 .0 |
Discussion
JelSoft VBulletin Private.PHP Cross-Site Scripting Vulnerability
It has been reported that VBulletin is prone to a cross-site scripting vulnerability in the 'ptivate.php' script. This issue is reportedly due to a failure to sanitize user input and so allow for injection of HTML and script code that may facilitate cross-site scripting attacks.
Successful exploitation of this issue may allow for theft of cookie-based authentication credentials or other attacks.
It has been reported that VBulletin is prone to a cross-site scripting vulnerability in the 'ptivate.php' script. This issue is reportedly due to a failure to sanitize user input and so allow for injection of HTML and script code that may facilitate cross-site scripting attacks.
Successful exploitation of this issue may allow for theft of cookie-based authentication credentials or other attacks.
Exploit / POC
JelSoft VBulletin Private.PHP Cross-Site Scripting Vulnerability
No exploit is required to leverage this issue. The following proof of concept has been provided.
http://www.example.com/private.php?&action=newmessage&userid=[UID]&forward=[XSS]
No exploit is required to leverage this issue. The following proof of concept has been provided.
http://www.example.com/private.php?&action=newmessage&userid=[UID]&forward=[XSS]
Solution / Fix
JelSoft VBulletin Private.PHP Cross-Site Scripting Vulnerability
Solution:
It has been reported that an upgrade, version 3.0.0, is available that is not prone to this issue. It should be noted that this has not been confirmed by the vendor. Please see the reference section and contact the vendor for more information and details on obtaining the upgrade.
Solution:
It has been reported that an upgrade, version 3.0.0, is available that is not prone to this issue. It should be noted that this has not been confirmed by the vendor. Please see the reference section and contact the vendor for more information and details on obtaining the upgrade.
References
JelSoft VBulletin Private.PHP Cross-Site Scripting Vulnerability
References:
References:
- vBulletin Homepage (vBulletin)