Re: CVE Request: Elgg 1.7.10 <= | Multiple Vulnerabilities
From: Josh Bressers <bressers () redhat com>
Date: Fri, 19 Aug 2011 15:17:10 -0400 (EDT)
Please use CVE-2011-2935 for the XSS issue.
CVE-2011-2936 for the SQL injection issue.
----- Original Message -----
Elgg 1.7.10 and lower versions are vulnerable to Cross Site
Scripting and SQL Injection.
Elgg is an award-winning social networking engine, delivering the
building blocks that enable businesses, schools, universities and
associations to create their own fully-featured social networks and
applications. Well-known organizations with networks powered by Elgg
include: Australian Government, British Government, Federal Canadian
Government, MITRE, The World Bank, UNESCO, NASA, Stanford University,
Johns Hopkins University and more (http://elgg.org/powering.php)
3. VULNERABILITY DESCRIPTION
The "internalname" parameter is not properly sanitized, which allows an
attacker to conduct a Cross Site Scripting attack. This may allow an
attacker to create a specially crafted URL that would execute
arbitrary script code in a victim's browser. The "tag_names" parameter
is not properly sanitized, which allows an attacker to conduct SQL
Injection.
4. VERSIONS AFFECTED
Elgg 1.7.10 and lower
- Cross Site Scripting
- SQL Injection (leading to information disclosure)
Upgrade to 1.7.11 or higher.
This vulnerability was discovered by Aung Khant, http://yehg.net, YGN
Ethical Hacker Group, Myanmar.
9. DISCLOSURE TIME-LINE
2011-08-01: vulnerability reported
2011-08-15: vendor released fixed version
2011-08-18: vulnerability disclosed
Original Advisory URL:
Project Home: http://elgg.org/
Vendor Release Note:
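The two defect classes named in the advisory, an unescaped request parameter reflected into HTML and an unescaped parameter concatenated into SQL, each next to its fix. This is an added Python illustration, not Elgg's code and not from the advisory's author; only the parameter names "internalname" and "tag_names" come from the advisory, while every function, the in-memory table, its rows and the payloads are constructed for this example.

```python
"""
Added illustration (not Elgg's code): an unescaped request parameter
reflected into HTML, and an unescaped parameter concatenated into SQL,
each shown beside the corresponding fix. The parameter names
'internalname' and 'tag_names' are taken from the advisory; every
function, table, row and payload here is a hypothetical stand-in.
"""
import html
import sqlite3


def render_input_vulnerable(internalname: str) -> str:
    # Reflects the parameter into an HTML attribute without output encoding.
    # A value containing a double quote closes the attribute and injects markup.
    return '<input name="%s" type="text">' % internalname


def render_input_fixed(internalname: str) -> str:
    # html.escape(quote=True) encodes < > & " ' so the value cannot break
    # out of the attribute context it is placed in.
    return '<input name="%s" type="text">' % html.escape(internalname, quote=True)


def _sample_db() -> sqlite3.Connection:
    # Constructed in-memory table standing in for a tag lookup.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE tags (name TEXT, owner TEXT)")
    conn.executemany(
        "INSERT INTO tags VALUES (?, ?)",
        [("python", "alice"), ("security", "bob"), ("php", "carol")],
    )
    return conn


def find_tags_vulnerable(conn: sqlite3.Connection, tag_names: str) -> list:
    # Builds the query by string concatenation: the caller controls the SQL
    # grammar, not just a value, so a quote in the input rewrites the WHERE clause.
    sql = "SELECT name, owner FROM tags WHERE name = '" + tag_names + "'"
    return conn.execute(sql).fetchall()


def find_tags_fixed(conn: sqlite3.Connection, tag_names: str) -> list:
    # Bound parameter: the value travels separately from the SQL text, so any
    # quotes inside it remain data.
    return conn.execute(
        "SELECT name, owner FROM tags WHERE name = ?", (tag_names,)
    ).fetchall()


def demo() -> dict:
    # Constructed inputs of the kind the advisory describes.
    xss_payload = '"><script>alert(1)</script>'
    sqli_payload = "x' OR '1'='1"
    conn = _sample_db()
    return {
        # True: a literal <script> tag survives into the page
        "xss_vulnerable": "<script>" in render_input_vulnerable(xss_payload),
        # False: the tag is encoded as &lt;script&gt;
        "xss_fixed": "<script>" in render_input_fixed(xss_payload),
        # 3: the injected OR '1'='1' returns every row (information disclosure)
        "sqli_vulnerable_rows": len(find_tags_vulnerable(conn, sqli_payload)),
        # 0: no tag is literally named "x' OR '1'='1"
        "sqli_fixed_rows": len(find_tags_fixed(conn, sqli_payload)),
    }


if __name__ == "__main__":
    print(demo())
```

The same payloads are fed to both versions of each function so the difference is attributable to the output encoding and the bound parameter alone; the "rows returned" count is the observable that turns an injection into disclosure.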