mvnForum Search Variable XSS

2005-05-19T06:25:37
ID OSVDB:16962
Type osvdb
Reporter Hoang Yen(vnwebmasters@yahoo.com)
Modified 2005-05-19T06:25:37

Description

Vulnerability Description

mvnForum contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not properly validate user-supplied input upon submission to the searchprocess script. This could allow a user to create a specially crafted URL that would execute arbitrary code in another user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. An attacker could potentially steal a user's cookie-based authentication data, allowing impersonation or privilege escalation.

Solution Description

Upgrade to version 1.0 RC4_03 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

mvnForum contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not properly validate user-supplied input upon submission to the searchprocess script. This could allow a user to create a specially crafted URL that would execute arbitrary code in another user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. An attacker could potentially steal a user's cookie-based authentication data, allowing impersonation or privilege escalation.

References:

Vendor URL: http://www.mvnforum.com/ Vendor Specific Solution URL: http://www.mvnforum.com/mvnforumweb/download.jsp Vendor Specific News/Changelog Entry: http://www.mvnforum.com/mvnforum/viewthread?thread=2691 Vendor Specific News/Changelog Entry: http://www.mvnforum.com/mvnforumweb/docs/CHANGE.txt Nessus Plugin ID:18359 ISS X-Force ID: 20613 CVE-2005-1183 Bugtraq ID: 13213