kses Multiple Input Validation Vulnerabilities

The kses HTML filter is prone to multiple input-validation vulnerabilities that can lead to client-side script execution.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. PHP code execution is also reportedly possible, but may be exploitable only in limited -- and unknown -- circumstances.

The issues are known to affect the following projects, which incorporate kses:

Dokeos prior to 1.8.4 SP3
eGroupWare prior to 1.4.003
WordPress prior to 2.5
Moodle prior to 1.9

Other applications may also be affected.

NOTE: These issues were previously documented in the following BIDs:

28424 eGroupWare '_bad_protocol_once()' HTML Security Bypass Vulnerability
28121 Dokeos Multiple Remote Code Execution and Cross-Site Scripting Vulnerabilities

Since these issues were determined to originate in the same kses-based source code, this BID has been created to cover all the affected packages.


 

Copyright 2010, SecurityFocus