BugTraq
Back to list
|
Post reply
XSS vulnerability in guestbook-php-script
Feb 13 2006 04:30PM
Micha Borrmann (borrmann syss de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- -------------------------------------------------------------------
SySS-Advisory: XSS-vulnerability in guestbook-php-script
- -------------------------------------------------------------------
Problem discovered: February 3d 2006
Vendor contacted: February 7th 2006
Advisory published: February 13th 2006
AUTHOR: Micha Borrmann (borrmann (at) syss (dot) de [email concealed])
SySS GmbH
D-72070 Tuebingen / Germany
APPLICATION: gastbuch
AFFECTED VERSION: all < 1.3.3 (1.3.2 tested)
Remotely exploitable: Yes
SEVERITY: Medium
DESCRIPTION:
The guestbook software published on http://www.php4scripte.de/gast.php
allows HTML- and javascriptcode to be injected in the "URL"-field.
EXAMPLE:
http://www.site.com/"<script>alert(123)</script>"
VENDOR STATUS: The vendor published a fixed version (1.3.3) on
http://www.php4scripte.de
less than five hours after the problem was reported.
-----BEGIN PGP SIGNATURE-----
iD8DBQFD8LQv5r2byszldyARAl9IAJ9n+jrUZnCExYy2B+Gc3nbDZ7h6EQCfYi4q
sPY/y7iexfBvUzOoq69DnuQ=
=XMsJ
-----END PGP SIGNATURE-----
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Hash: SHA1
- -------------------------------------------------------------------
SySS-Advisory: XSS-vulnerability in guestbook-php-script
- -------------------------------------------------------------------
Problem discovered: February 3d 2006
Vendor contacted: February 7th 2006
Advisory published: February 13th 2006
AUTHOR: Micha Borrmann (borrmann (at) syss (dot) de [email concealed])
SySS GmbH
D-72070 Tuebingen / Germany
APPLICATION: gastbuch
AFFECTED VERSION: all < 1.3.3 (1.3.2 tested)
Remotely exploitable: Yes
SEVERITY: Medium
DESCRIPTION:
The guestbook software published on http://www.php4scripte.de/gast.php
allows HTML- and javascriptcode to be injected in the "URL"-field.
EXAMPLE:
http://www.site.com/"<script>alert(123)</script>"
VENDOR STATUS: The vendor published a fixed version (1.3.3) on
http://www.php4scripte.de
less than five hours after the problem was reported.
-----BEGIN PGP SIGNATURE-----
iD8DBQFD8LQv5r2byszldyARAl9IAJ9n+jrUZnCExYy2B+Gc3nbDZ7h6EQCfYi4q
sPY/y7iexfBvUzOoq69DnuQ=
=XMsJ
-----END PGP SIGNATURE-----
[ reply ]