Jax Guestbook jax_guestbook.php Multiple Variable XSS

2005-08-05T10:02:03
ID OSVDB:18568
Type osvdb
Reporter Lostmon Lords(Lostmon@gmail.com)
Modified 2005-08-05T10:02:03

Description

Vulnerability Description

Jax Guestbook contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate multiple variables upon submission to the jax_guestbook.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
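
As an added illustration of the missing validation the advisory describes (this is not Jax Guestbook's own code), the snippet below validates the query parameters named in the advisory's test URLs before they are reflected into the page; the parameter names come from those URLs, while the allowed-language list and the `mailto` token shape are assumptions.

```php
<?php
// Added example, not code from Jax Guestbook. Parameter names (page, language,
// guestbook_id, gmt_ofs, mailto) are those listed in the advisory; the language
// allowlist and the 32-hex-character mailto shape are assumptions.

function validate_guestbook_params(array $get): array
{
    $allowed_languages = ['english', 'german']; // assumption: match installed language files

    // Numeric parameters: accept only plain decimal integers in a sane range.
    $page         = filter_var($get['page'] ?? 1, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    $guestbook_id = filter_var($get['guestbook_id'] ?? 0, FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]]);
    $gmt_ofs      = filter_var($get['gmt_ofs'] ?? 0, FILTER_VALIDATE_INT,
                               ['options' => ['min_range' => -12, 'max_range' => 14]]);
    if ($page === false || $guestbook_id === false || $gmt_ofs === false) {
        throw new InvalidArgumentException('numeric parameter rejected');
    }

    // language: allowlist; never echo an unknown value back to the browser.
    $language = $get['language'] ?? 'english';
    if (!in_array($language, $allowed_languages, true)) {
        $language = 'english';
    }

    // mailto: the advisory URL shows a 32-character hex token; accept only that shape.
    $mailto = $get['mailto'] ?? null;
    if ($mailto !== null && !preg_match('/^[0-9a-f]{32}$/', $mailto)) {
        throw new InvalidArgumentException('mailto token rejected');
    }

    return compact('page', 'language', 'guestbook_id', 'gmt_ofs', 'mailto');
}

// Output side: values are HTML-escaped when rebuilt into a link, so the page
// stays safe even if a validation rule above is later loosened.
function guestbook_link(array $p): string
{
    $qs = http_build_query(array_filter($p, fn($v) => $v !== null));
    return '<a href="jax_guestbook.php?' . htmlspecialchars($qs, ENT_QUOTES, 'UTF-8') . '">next</a>';
}

try {
    echo guestbook_link(validate_guestbook_params($_GET));
} catch (InvalidArgumentException $e) {
    http_response_code(400);
    echo 'Bad request';
}
```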

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Manual Testing Notes

http://[victim]/guestbook/jax_guestbook.php?page=2&language=english&guestbook_id=0&gmt_ofs=0[XSS-CODE]
http://[victim]/guestbook/jax_guestbook.php?page=2&language=english[XSS-CODE]&guestbook_id=0&gmt_ofs=0
http://[victim]/guestbook/jax_guestbook.php?page=2[XSS-CODE]&language=english&guestbook_id=0&gmt_ofs=0
http://[victim]/guestbook/jax_guestbook.php?mailto=9aa43a5efc2585681c97993d777bcd41&language=english[XSS-CODE]

References:

Vendor URL: http://www.jtr.de/scripting/php/
Secunia Advisory ID: 16337
Related OSVDB ID: 18572
Related OSVDB ID: 18569
Related OSVDB ID: 18570
Related OSVDB ID: 18571
Other Advisory URL: http://lostmon.blogspot.com/2005/08/jax-php-scripts-multiple.html
Bugtraq ID: 14481