MojoPortal 2.3.9.7 Cross Site Scripting

2013-07-31T00:00:00
ID PACKETSTORM:122608
Type packetstorm
Reporter Michael Savage
Modified 2013-07-31T00:00:00

Description

                                        
                                            `Class Stored Cross-Site Scripting  
Remote Yes  
Credit Michael Savage of Dionach (vulns@dionach.com)  
Vulnerable MojoPortal 2.3.9.7  
  
MojoPortal is prone to a stored cross-site scripting vulnerability because it  
does not escape the titles of forum threads when inserting into the page title  
element.  
  
An attacker may leverage this issue to run JavaScript in the context of another  
user's browser.  
  
MojoPortal 2.3.9.7 is known to be vulnerable. Other versions may also be  
vulnerable.  
  
To exploit this issue, an attacker must create a crafted post, for example:  
  
POST /Forums/EditPost.aspx [txtSubject=+</title><script>alert("XSS!")</script>]  
  
The vendor has released an updated version (2.3.9.8) which is believed to  
resolve this issue. See the announcement at  
https://www.mojoportal.com/mojoportal-2398-released  
`