|
Comment Board XSS Vulnerability Published: 24 September 2003 Released: 24 September 2003 Affected Systems: Comment Board Vendor: http://www.ymonda.co.uk Issue: Remote attackers can inject XSS script. Description: ============ "Comment Board works straight away with little or no configuration required and provides a wealth of exciting features that will keep your web site visitors coming back for more. Check out our online demo and try a free downloadable version now." Details: ======== It's possibile to inject XSS script in the Topic Title, Name and Message fields. Examples: "><script> this code will hide every thing after it including the the board topics if any attacker write it in the topic title. <script>windows.open("URL");</script> this code will open a new window when the board loaded. Solution: ========= The vendor has been contacted and a patch is not yet produced. Suggestions: ============ Filter all variables. Discovered by / credit: ======================= Bahaa Naamneh b_naamneh@hotmail.com http://www.bsecurity.tk