PHP-Fusion submit.php Multiple Variable XSS

2005-06-26T11:25:26
ID OSVDB:17611
Type osvdb
Reporter Easyex
Modified 2005-06-26T11:25:26

Description

Vulnerability Description

PHP-Fusion contains a flaw that allows a remote cross-site scripting attack. The flaw exists because the application does not validate the news_body, article_description, and article_body variables when they are submitted to the submit.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in another user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
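Added illustration, not PHP-Fusion's submit.php and not the Nick Jones patch: a minimal handler that shows the unescaped pattern the advisory describes next to an output-encoding fix for the three named fields. The handler shape, the length limit and the sample submission are assumptions.

```php
<?php
// Constructed example; field names come from the advisory, everything
// else (handler shape, limits, sample data) is assumed.

// Fields submit.php accepts from the submission form.
const SUBMIT_FIELDS = ['news_body', 'article_description', 'article_body'];

// Vulnerable pattern: submitted text is placed into the page verbatim,
// so any markup a submitter includes is interpreted by readers' browsers.
function render_unescaped(array $post): string
{
    $out = '';
    foreach (SUBMIT_FIELDS as $name) {
        $out .= '<div>' . ($post[$name] ?? '') . '</div>';
    }
    return $out;
}

// Hardened pattern: check each field is a bounded string, then HTML-encode
// it before it reaches the page. ENT_QUOTES encodes both quote styles so the
// value is also safe inside attributes; ENT_SUBSTITUTE replaces invalid
// UTF-8 instead of returning an empty string.
function sanitize_submission(array $post): array
{
    $clean = [];
    foreach (SUBMIT_FIELDS as $name) {
        $value = $post[$name] ?? '';
        if (!is_string($value)) {
            throw new InvalidArgumentException("$name must be a string");
        }
        if (strlen($value) > 65535) {   // assumed size limit
            throw new InvalidArgumentException("$name exceeds maximum length");
        }
        $clean[$name] = htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
    return $clean;
}

function render_escaped(array $post): string
{
    $out = '';
    foreach (sanitize_submission($post) as $value) {
        $out .= '<div>' . $value . '</div>';
    }
    return $out;
}

// Constructed sample submission containing markup and quotes.
$sample = [
    'news_body'           => '<b>bold</b> text',
    'article_description' => 'A "quoted" description',
    'article_body'        => "Plain body with 'apostrophes'",
];
echo render_escaped($sample), PHP_EOL;   // markup now appears as literal text
```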

Solution Description

Upgrade to version 6.00.106 or higher, as it has been reported to fix this vulnerability. In addition, Nick Jones has released a patch for some older versions.

References:

Vendor Specific Advisory URL
Secunia Advisory ID: 15830
Related OSVDB ID: 17610
Other Advisory URL: http://dark-assassins.com/forum/viewtopic.php?t=145
FrSIRT Advisory: ADV-2005-0888
CVE: CVE-2005-2074
Bugtraq ID: 14066