• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Xoops Private Message Box Cross-Agent Scripting Vulnerability

Xoops is open-source, freely available web portal software written in object-oriented PHP. It is back-ended by a MySQL database and will run on most Unix and Linux distributions.

Xoops includes a Private Message System for users. The image parameter of the pmlite.php script does not sufficiently filter JavaScript code. When another user views this page, the malicious script code will be executed on that user in the context of the site running Xoops.

This issue may be exploited by an attacker to steal a legitimate user's cookie-based authentication credentials, among other things.