phpwebnews bukutamu.php m_txt Variable XSS

2007-04-12T13:14:17
ID OSVDB:35367
Type osvdb
Reporter the_Edit0r(the_3dit0r@yahoo.com)
Modified 2007-04-12T13:14:17

Description

Vulnerability Description

phpwebnews contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'm_txt' variable upon submission to bukutamu.php. This could allow a user to create a specially crafted URL that would execute arbitrary script code in a victim's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

phpwebnews contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'm_txt' variable upon submission to bukutamu.php. This could allow a user to create a specially crafted URL that would execute arbitrary script code in a victim's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Manual Testing Notes

http://[target]/[path]/bukutamu.php?m_txt=<script>alert(/the_Edit0r/);</script>

References:

Vendor URL: http://sourceforge.net/project/showfiles.php?group_id=111998
Related OSVDB ID: 35365
Related OSVDB ID: 35366
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-04/0199.html
ISS X-Force ID: 33641
CVE ID: CVE-2007-2300
Bugtraq ID: 23448