>> The changelog (contained within this release) is as follows:
>> - Fixed critical issue with highlighting - Discovered and fix provided by
>> Ron van Daal
>
> Does anyone know what the scope of this vulnerability actually is? "Critical
> issue" isn't really enough to go on here. Are we talking arbitrary PHP code
> execution or something lesser like SQL injection or slipping HTML into the
> bbCode? Neither the phpBB Changelog or any advisories seem to mention what
> the scope of this is. I'm guessing it's arbitrary PHP code execution based
> on what previous vulnerabilities in phpBB have yielded, but it would be nice
> to know for sure.
It's highly critical. It allows one to inject PHP code.
Please see my next message, I'm releasing my advisory.
>> - Fixed critical issue with highlighting - Discovered and fix provided by
>> Ron van Daal
>
> Does anyone know what the scope of this vulnerability actually is? "Critical
> issue" isn't really enough to go on here. Are we talking arbitrary PHP code
> execution or something lesser like SQL injection or slipping HTML into the
> bbCode? Neither the phpBB Changelog or any advisories seem to mention what
> the scope of this is. I'm guessing it's arbitrary PHP code execution based
> on what previous vulnerabilities in phpBB have yielded, but it would be nice
> to know for sure.
It's highly critical. It allows one to inject PHP code.
Please see my next message, I'm releasing my advisory.
Kind regards,
Syntonix
[ reply ]