| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 1 Jul 2014 21:26:47 +0200 From: Christian Schneider <mail@...istian-Schneider.net> To: bugtraq@...urityfocus.com Subject: CVE-2014-3149 - Reflected Cross-Site Scripting (XSS) in "Invision Power IP.Board" -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-3149 =================== "Reflected Cross-Site Scripting (XSS)" (CWE-79) vulnerability in "Invision Power IP.Board" product Vendor =================== Invision Power Services Inc. Product =================== IP.Board "IP.Board is the leading solution for creating an engaging discussion forum on the web. Trusted by thousands of forums, large and small." - source: https://www.invisionpower.com/apps/board/ Affected versions =================== This vulnerability affects versions of IP.Board prior 3.4.6 as well as versions 3.3.x Patch =================== The vendor has released patches for versions 3.4.x and 3.3.x at http://community.invisionpower.com/topic/399747-ipboard-33x-34x-security-update/ Reported by =================== This issue was reported to the vendor by Christian Schneider (@cschneider4711) following a responsible disclosure process. Severity =================== Low Exploitability =================== Clickjacking or social engineering required Description =================== Using a specially crafted request to access the web forum software IP.Board it is possible to execute Reflected Cross-Site Scripting (XSS) attacks. Due to a token-based CSRF protection the actual exploitation is somewhat limited, since attackers have to trick victims (using Clickjacking or social engineering) into submitting an attacker supplied content. Proof of concept =================== Due to the responsible disclosure process chosen and to not harm unpatched systems, no concrete exploit code will be presented in this advisory. References =================== http://community.invisionpower.com/topic/399747-ipboard-33x-34x-security-update/ http://www.christian-schneider.net/advisories/CVE-2014-3149.txt -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (Darwin) iEYEARECAAYFAlOzCDAACgkQXYAsOfddvFNgVwCggTYy8+9mVPUlXYu4ugzMqsLI z+gAn1RfHeDRt2OfaQuEendLdcvsumtF =grTH -----END PGP SIGNATURE-----
Powered by blists - more mailing lists