Limbo CMS admin.php com_option Variable XSS

2007-12-25T00:00:00
ID OSVDB:39642
Type osvdb
Reporter OSVDB
Modified 2007-12-25T00:00:00

Description

Vulnerability Description

Limbo contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'com_option' variable upon submission to the 'admin.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
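As an added illustration that is not part of the OSVDB record or of Limbo's own code, the block below shows the two defensive layers the description implies are missing (an allowlist check on 'com_option' and HTML escaping when the value is reflected), and a small detector that flags requests to 'admin.php' whose 'com_option' value fails the allowlist and carries script markup. The allowlist pattern, the log format, and the log lines are assumptions constructed for this example; the IP addresses are documentation-range placeholders.

```python
import html
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

# Allowlist for com_option. Limbo component names follow a "com_<name>"
# convention; the exact pattern here is an assumption for this example,
# not Limbo's own validation logic.
COM_OPTION_RE = re.compile(r"^com_[a-z0-9_]{1,32}$")


def validate_com_option(value: str):
    """Return the value unchanged if it matches the allowlist, else None."""
    return value if COM_OPTION_RE.fullmatch(value) else None


def render_option(value: str) -> str:
    """Reflect the parameter into HTML safely.

    Layer 1: reject anything outside the allowlist.
    Layer 2: escape on output anyway, so even a rejected value cannot
    break out of the surrounding markup when it is echoed back.
    """
    escaped = html.escape(value, quote=True)
    if validate_com_option(value) is None:
        return f"<p>Unknown component: {escaped}</p>"
    return f"<p>Component: {escaped}</p>"


# Constructed Apache combined-style access log lines (not real traffic).
# The second line carries a URL-encoded copy of the payload shown in the
# advisory's Manual Testing Notes.
SAMPLE_LOG = """\
203.0.113.5 - - [25/Dec/2007:10:00:01 +0000] "GET /admin.php?com_option=com_content HTTP/1.1" 200 4120
203.0.113.9 - - [25/Dec/2007:10:00:07 +0000] "GET /admin.php?com_option=%3E%22%27%3E%3CSCRIPT%3Ea=/XSS/%3Balert(a.source)%3C/SCRIPT%3E HTTP/1.1" 200 4188
203.0.113.5 - - [25/Dec/2007:10:00:09 +0000] "GET /index.php?option=com_content HTTP/1.1" 200 9100
"""

REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# Markup that has no business inside a component name.
SCRIPT_MARKERS = re.compile(r"<\s*script|javascript:|on\w+\s*=", re.IGNORECASE)


def find_xss_attempts(log_text: str) -> list:
    """Flag admin.php requests whose com_option fails the allowlist and
    contains script markup. Returns one dict per suspicious request."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group("target"))
        if parts.path != "/admin.php":
            continue
        params = parse_qs(parts.query, keep_blank_values=True)
        for value in params.get("com_option", []):
            # parse_qs already decoded once; decode again to catch
            # double-encoded variants of the same payload.
            decoded = unquote_plus(value)
            if validate_com_option(decoded) is None and SCRIPT_MARKERS.search(decoded):
                hits.append({
                    "ip": m.group("ip"),
                    "time": m.group("ts"),
                    "status": m.group("status"),
                    "value": decoded,
                })
    return hits


if __name__ == "__main__":
    for hit in find_xss_attempts(SAMPLE_LOG):
        print(f"{hit['time']} {hit['ip']} status={hit['status']} com_option={hit['value']!r}")
```

The detector is deliberately narrow (one script, one parameter) so it can be dropped into a log review for this specific advisory; the allowlist-plus-escape pair in `render_option` is the shape of the application-side fix, independent of which payload is used.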

Manual Testing Notes

http://[target]/admin.php?com_option=>"'><SCRIPT>a=/XSS/;alert(a.source)</SCRIPT>

References:

Secunia Advisory ID: 28190
Other Advisory URL: http://www.digitrustgroup.com/advisories/web-application-security-limbo-cms.html
ISS X-Force ID: 39207
FrSIRT Advisory: ADV-2007-4317
CVE-2007-6564
Bugtraq ID: 27027