XOOPS MyTextSanitizer CSS 1.3x & 2.x Apr 25 2003 03:25PM
magistrat (magistrat blocus-zone com)

Author: Doxical & Magistrat


Date: 25/04/2003

Object: XOOPS MyTextSanitizer Filtering Bug Allows Remote Users to Conduct

Cross-Site Scripting Attacks in many modules: News, newbb, private

messages, signatures etc...

Impact: Disclosure of authentication information, Execution of arbitrary

code via network, Modification of user information, admin account


Fix: yes


After glossary and gallery modules of xoops, we have found an another

vulnerability in MytextSanitizer function who permit somme CSS injection

in xoops versions 1.3.x to 2.x

Description of the MyTextSanitizer script :

This is just the function on xoops who filters the unauthorized characters

or malicious scripts.

The vulnerability :

A remote user can bypass Sanitizer and conduct cross-site scripting

attacks with a post in a topic in board (newbb) send malicious private

message to admin, insert script in the news comment...

Example :

java script:alert%28document.cookie%29

with img tags


-the team of xoops.org was prevented on 04/21/2003

-Patch are now available since 04/25/2003


[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus