[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[MajorSecurity SA-069]Invision Power Board - stored Cross site Scripting
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: [MajorSecurity SA-069]Invision Power Board - stored Cross site Scripting
- From: david.kurz@xxxxxxxxxxxxxxxxx
- Date: 9 Jun 2010 08:16:51 -0000
[MajorSecurity SA-069]Invision Power Board - stored Cross site Scripting
Details
=======
Product: Invision Power Board
Security-Risk: moderated
Remote-Exploit: yes
Vendor-URL: http://www.invisionpower.com
Vendor-Status: informed
Advisory-Status: published
Credits
============
Discovered by: David Vieira-Kurz
http://www.majorsecurity.info/penetrationstest.php
Affected Products:
----------------------------
Invision Power Board 3.0.5 and prior
Introduction
============
Invision Power Board is a widely used forums script.
More Details
============
Input passed to the calendar app (which is one of the core modules inside
invision power board) is not properly sanitised before being stored and
returned to the user.
This can be exploited to execute arbitrary HTML and script code in a user's
browser session in context of an affected site.
The calendar can be shown on every page of the invision board, so that in fact
this is a serious security issue.
Solution
=============
Web applications should never trust on user generated input and therefore
sanatize all input.
MajorSecurity
================
MajorSecurity is a German penetrationtesting and security research company
which focuses
on web application security. We offer professional penetrationstest, security
audits,
source code reviews.