BugTraq
[eVuln] MyBB 'Avatar URL' XSS Vulnerability Aug 02 2006 10:18AM
alex evuln com
New eVuln Advisory:

MyBB 'Avatar URL' XSS Vulnerability

http://evuln.com/vulns/132/summary.html

--------------------Summary----------------

eVuln ID: EV0132

Vendor: MyBB Group

Vendor's Web Site: http://www.mybboard.com/

Software: MyBB

Software's Web Site: http://www.mybboard.com/

Versions: 1.1.6 and earlier

Critical Level: Moderate

Type: Cross-Site Scripting

Class: Remote

Status: Unpatched. No reply from developer(s)

PoC/Exploit: Available

Solution: Available

Discovered by: Aliaksandr Hartsuyeu (eVuln.com)

-----------------Description---------------

Every user can edit their own avatar URL. The avatar URL is not properly sanitized, which allows arbitrary web script code to be posted by using the 'Tab' symbol.

--------------PoC/Exploit----------------------

Available at: http://evuln.com/vulns/132/exploit.html

--------------Solution---------------------

The solution is available at the vendor's web site:

Upgrade your copy of MyBB to version 1.1.7.

http://www.mybboard.com/

--------------Credit-----------------------

Discovered by: Aliaksandr Hartsuyeu (eVuln.com)

Regards,

Aliaksandr Hartsuyeu

http://evuln.com - Penetration Testing Services
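
The Description above says the avatar URL is not properly sanitized and that a 'Tab' symbol is involved. The following is an added example, not code from the advisory or from MyBB: a stand-alone PHP sketch of allow-list validation plus output encoding for a user-supplied avatar URL. The function names, the length limit and the sample inputs are assumptions made for illustration.

```php
<?php
// Added example: hypothetical helpers, not MyBB's own code.

/** Return the avatar URL if acceptable, or null if it must be rejected. */
function validate_avatar_url(string $raw): ?string
{
    // Reject ASCII control characters (tab, CR, LF, NUL, DEL, ...) outright.
    // Browser URL parsers strip tab and newline characters, so a filter that
    // treats them as ordinary text can see a different URL than the browser.
    if (preg_match('/[\x00-\x1F\x7F]/', $raw)) {
        return null;
    }

    $url = trim($raw);                       // only spaces remain to trim here
    if ($url === '' || strlen($url) > 2048) { // assumed length limit
        return null;
    }

    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return null;
    }

    // Allow-list the schemes an avatar image needs; everything else is refused.
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return null;
    }
    return $url;
}

/** Encode the validated URL for an HTML attribute at output time. */
function render_avatar(string $url): string
{
    return '<img src="' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '" alt="avatar">';
}

// Constructed sample inputs (not taken from the advisory).
$samples = [
    "http://example.test/avatars/alice.png",  // accepted
    "http://example.test/ava\ttar.png",       // embedded tab: rejected
    "data:text/plain,hello",                  // scheme not on allow-list: rejected
    'http://example.test/a.png?x="y',         // accepted, quote encoded on output
];
foreach ($samples as $s) {
    $ok = validate_avatar_url($s);
    echo json_encode($s), ' => ', $ok === null ? 'rejected' : render_avatar($ok), "\n";
}
```

Validation on input and encoding on output are independent controls: the allow-list decides what is stored, and `htmlspecialchars` keeps a stored value from breaking out of the `src` attribute.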
