Mambo emailfaq.php id Variable XSS

2003-01-11T00:00:00
ID OSVDB:7504
Type osvdb
Reporter Mindwarper (mindwarper@hush.com)
Modified 2003-01-11T00:00:00

Description

Vulnerability Description

Mambo contains a flaw that allows a remote cross-site scripting attack. The flaw exists because the application does not validate the 'id' variable when it is submitted to the 'emailfaq.php' script. This could allow an attacker to craft a URL that executes arbitrary script code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
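The pattern behind this class of flaw, and the fix the solution above relies on, can be shown in a few lines of PHP. The code below is an added illustration, not Mambo's code; the handler, function names and the 'emailfaq.php' link shape are hypothetical stand-ins. It contrasts reflecting the raw 'id' parameter into HTML with validating it as a positive integer and escaping it on output.

```php
<?php
// Added example (not Mambo's own code): a hypothetical handler that reads an
// 'id' request parameter and reflects it into an HTML link.

// Vulnerable pattern: the raw parameter is echoed straight into the page, so
// any markup it carries is interpreted by the browser (reflected XSS).
function render_faq_link_vulnerable(array $get): string
{
    $id = $get['id'] ?? '';
    return '<a href="emailfaq.php?id=' . $id . '">Email this FAQ</a>';
}

// Hardened pattern, step 1: accept only a short string of decimal digits that
// parses to a positive integer; anything else is rejected before use.
function validate_id($raw): ?int
{
    if (!is_string($raw) || $raw === '' || !ctype_digit($raw) || strlen($raw) > 9) {
        return null;
    }
    $id = (int) $raw;
    return $id > 0 ? $id : null;
}

// Hardened pattern, step 2: even a validated integer is escaped on output, so
// the output encoding does not depend on the validation having run.
function render_faq_link_hardened(array $get): string
{
    $id = validate_id($get['id'] ?? null);
    if ($id === null) {
        http_response_code(400);
        return 'Invalid FAQ id.';
    }
    $safe = htmlspecialchars((string) $id, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<a href="emailfaq.php?id=' . $safe . '">Email this FAQ</a>';
}

// Constructed sample inputs: a valid id, an id with embedded markup,
// a negative number and an empty string.
$inputs = ['42', '42<b>x</b>', '-1', ''];
foreach ($inputs as $in) {
    $verdict = validate_id($in) === null ? 'rejected' : 'accepted';
    echo str_pad($in, 12), ' -> ', $verdict, PHP_EOL;
    echo '   hardened output: ', render_faq_link_hardened(['id' => $in]), PHP_EOL;
}
```

Only the first input is accepted; the other three are refused with a 400 before any HTML is built. The allow-list check (digits only, bounded length) is what removes the reflected-markup problem; the `htmlspecialchars` call is defence in depth for the case where a later code path reuses the value.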

Solution Description

Upgrade to version 4.0.12 Beta 2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://www.mamboserver.com/
Security Tracker: 1005912
Related OSVDB ID: 7495
Related OSVDB ID: 7505
Related OSVDB ID: 7497
Related OSVDB ID: 7499
Related OSVDB ID: 7500
Related OSVDB ID: 7502
Related OSVDB ID: 7503
Related OSVDB ID: 7496
Related OSVDB ID: 7498
Related OSVDB ID: 7501
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2003-01/0075.html
ISS X-Force ID: 11050
CVE ID: CVE-2003-1204
Bugtraq ID: 6571