Falt4Extreme index.php handler Variable XSS

2007-12-10T00:00:00
ID OSVDB:39183
Type osvdb
Reporter OSVDB
Modified 2007-12-10T00:00:00

Description

Vulnerability Description

Falt4Extreme contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'handler' variables upon submission to the 'index.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Solution Description

Upgrade to version RC4 after 2007-12-10 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Manual Testing Notes

http://[target]/falt4/index.php?handler=>"><script>alert(3)</script>&nav_ID=1

References:

Vendor Specific News/Changelog Entry: http://sourceforge.net/forum/forum.php?forum_id=762931</a> Secunia Advisory ID:28045 Other Advisory URL: http://www.h-labs.org/blog/2007/12/05/falt4_cms_security_report_advisory.html Generic Exploit URL: http://www.milw0rm.com/exploits/4711 CVE-2007-6310 Bugtraq ID: 26786