sBLOG index.php p Variable XSS

2006-01-03T00:00:00
ID OSVDB:22373
Type osvdb
Reporter Preddy(lil.turk@email.com)
Modified 2006-01-03T00:00:00

Description

Vulnerability Description

sBLOG contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'p' variable upon submission to the index.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

sBLOG contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'p' variable upon submission to the index.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Manual Testing Notes

http://[target]/blog/index.php?cat=5&date=0&p="><script>alert(document.cookie)</script>

References:

Vendor URL: http://servous.se/ Related OSVDB ID: 22374 Other Advisory URL: http://www.addict3d.org/index.php?page=viewarticle&type=security&ID=5771&title=sBLOG%20%C2%A9%202005%20-%20Cross%20Site%20Scripting%20&%20Full%20path%20Disclosure Other Advisory URL: http://osvdb.org/ref/22/22373-sblog.txt ISS X-Force ID: 23979 FrSIRT Advisory: ADV-2006-0041 CVE-2006-0101