TUCoPS :: HP Unsorted V

TUCoPS :: HP Unsorted V :: va1021.htm
Vanilla <= 1.1.4 Script Injection/ XSS

Vanilla <= 1.1.4 Script Injection/ XSS Vanilla <= 1.1.4 Script Injection/ XSS


##########################################################
# GulfTech Security Research              August 19, 2008
##########################################################
# Vendor : Mark O'Sullivan
# URL : http://www.getvanilla.com/ 
# Version : Vanilla <= 1.1.4
# Risk : Multiple Vulnerabilities
##########################################################


Description:
Vanilla is an open-source, standards-compliant, multi-lingual,
fully extensible web based discussion forum. Unfortunately there
are a couple of issues within Vanilla that allow for a malicious
user to steal client based credentials such as cookies. These
issues include both script injection and cross site scripting.
An updated version of Vanilla has been released and users should
upgrade their Vanilla installation as soon as possible.



Cross Site Scripting:
There is a Cross Site Scripting issue in Vanilla that allow
for theft of client side credentials such as cookies. An example
can be found in people.php. This issue is a result of unsanitized
GPC variables being displayed to the end user.

/people.php?PostBackAction=Apply&NewPassword='">