lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: 9 Jun 2010 08:16:51 -0000 From: david.kurz@...orsecurity.net To: bugtraq@...urityfocus.com Subject: [MajorSecurity SA-069]Invision Power Board - stored Cross site Scripting [MajorSecurity SA-069]Invision Power Board - stored Cross site Scripting Details ======= Product: Invision Power Board Security-Risk: moderated Remote-Exploit: yes Vendor-URL: http://www.invisionpower.com Vendor-Status: informed Advisory-Status: published Credits ============ Discovered by: David Vieira-Kurz http://www.majorsecurity.info/penetrationstest.php Affected Products: ---------------------------- Invision Power Board 3.0.5 and prior Introduction ============ Invision Power Board is a widely used forums script. More Details ============ Input passed to the calendar app (which is one of the core modules inside invision power board) is not properly sanitised before being stored and returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The calendar can be shown on every page of the invision board, so that in fact this is a serious security issue. Solution ============= Web applications should never trust on user generated input and therefore sanatize all input. MajorSecurity ================ MajorSecurity is a German penetrationtesting and security research company which focuses on web application security. We offer professional penetrationstest, security audits, source code reviews.
Powered by blists - more mailing lists