lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Tue, 9 Sep 2003 19:14:01 -0400 (EDT)
From: "Steven M. Christey" <coley@...re.org>
To: bugtraq@...urityfocus.com
Subject: Re: XSS vulnerability in phpBB (an other ;-)



keupon_ps2@...oo.fr said:

>but this will work (on phbb 2.0.6):
>[url=http://www.google.fr" onclick="alert('Hello')]text[/url]
>
>I don't remeber who has said that it will work on every version of phpBB
>but i've tested it on phpBB 2.0.4 and it doesn't work.
>An other person has said that it only works with this code:
>[url=http://www.google.fr" onclick="alert('Hello');"]text[/url]
>I've tested it on 2.0.6 and it works but the code without the ;" works
>also.

These discrepancies might be due to differences in how web browsers
render "bad" HTML, rather than a quirk in phpBB.

Since the first example URL doesn't have a closing double-quote
character in the onclick value, some browsers may ignore it
altogether.

It seems likely that some types of XSS-style attacks would only work
in certain web browsers.

Which browsers (and versions) were used when testing this bug?

- Steve

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ