Written by Adam Baldwin
Monday, 23 March 2009 22:14
ExpressionEngine Avtaar Name HTML Injection Vulnerability
Input Validation Error
Mar 22 2009 12:00AM
Mar 23 2009 02:46PM
EllisLab ExpressionEngine 1.6.6
EllisLab ExpressionEngine 1.6.4
EllisLab ExpressionEngine 1.6.7
ExpressionEngine is prone to an HTML-injection vulnerability because the application fails to properly
sanitize user-supplied input before using it in dynamically generated content.
Attacker-supplied HTML and script code would run in the context of the affected browser, potentially
allowing the attacker to steal cookie-based authentication credentials or to control how the site is
rendered to the user. Other attacks are also possible.
ExpressionEngine versions 1.6.4 to 1.6.6 are affected. Other versions may also be vulnerable.
Attackers can use a browser to exploit this issue.
The following example input is available:
The vendor has released fixes. Please see the references for more information.