[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20070126045342.13533.qmail@securityfocus.com>
Date: 26 Jan 2007 04:53:42 -0000
From: sirdarckcat@...il.com
To: bugtraq@...urityfocus.com
Subject: Re: Re: Re: Re: SMF "index.php?action=pm" Cross Site-Scripting
Any way, this vulnerability is not dangerous.. because for sending a successful PM request, you need to match the "sid" variable, that is impossible to get unless you already have control of the session.
The correct patch must be added in the theme file "PersonalMessage.template.php" at the begining of the code:
$context["to"]=htmlentities($context["to"]);
$context["bcc"]=htmlentities($context["bcc"]);
Greetz!!
Powered by blists - more mailing lists