e107 Login Name/Author XSS

2004-05-06T16:16:18
ID OSVDB:5982
Type osvdb
Reporter SmOk3 (smok3@systemsecure.org)
Modified 2004-05-06T16:16:18

Description

Vulnerability Description

E107 version 0.614 contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate variables "login name/author" upon submission to the "news submit" and "article submit" scripts with guest user privilege. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Solution Description

Upgrade to version 0.615 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

E107 version 0.614 contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate variables "login name/author" upon submission to the "news submit" and "article submit" scripts with guest user privilege. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

References:

Vendor URL: http://e107.org Vendor Specific Solution URL: http://e107.org/download.php?list.2 Security Tracker: 1010084 Secunia Advisory ID:11567 ISS X-Force ID: 16087 CVE-2004-2261 Bugtraq ID: 10293