|
Feeds -
Exploits
|
|
Written by Dante90
|
|
Friday, 13 March 2009 23:59 |
RETIRED: phpBB 'ucp.php' Cross Site Scripting Vulnerability
-\\Bugtraq ID:
33995
-\\Class:
Input Validation Error
-\\CVE:
-\\Remote:
Yes
-\\Local:
No
-\\Published:
Mar 04 2009 12:00AM
-\\Updated:
Mar 13 2009 03:26PM
-\\Credit:
Dante90
-\\Vulnerable:
phpBB Group phpBB 3.0.4
phpBB Group phpBB 3.0.3
phpBB Group phpBB 3.0.2
phpBB Group phpBB 3.0.1
phpBB Group phpBB 3.0
-\\Discussion
phpBB is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
This issue affects phpBB 3.x; other versions may also be affected.
UPDATE (March 13, 2009): This BID is being retired because the issue cannot be exploited as described.
-\\Exploit(s)/PoC(s):
To exploit this issue, an attacker must entice an unsuspecting user into following a malicious URI.
The following example URI is available:
http://www.example.com/ucp.php?i=pm&mode=compose&action=reply&f=[xss]&p=[page]
-\\Solution
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at:
This e-mail address is being protected from spambots. You need JavaScript enabled to view it
.
UPDATE (March 13, 2009): This BID is being retired as the issue can not be exploited as described.
-\\References(s)
--phpBB Homepage
http://www.phpbb.com (phpBB Group)
|
