
yabbXSS.txt

17 Mar 2005 00:00:00 | Reported by Alireza Hassani | Type: packetstorm | Source: packetstormsecurity.com

XSS vulnerability in YaBB2 rc1 allows remote attacks via usersrecentposts action.

Code
`  
  
[PersianHacker.NET 200503-08] YaBB2 rc1 XSS  
Vulnerability  
Date: 2005 March  
Bug Number: 08  
bid:12756   
  
  
YaBB   
is a leading free forum software package that rivals  
any professional message board out there. It provides  
a real-time chat and support system for your visitors.  
  
More info @:  
http://www.yabbforum.com/  
  
  
Discussion:  
--------------------  
XSS Vulnerability in 'usersrecentposts' that may allow  
a remote user to launch cross-site  
scripting attacks.  
  
This issue could permit a remote attacker to create a  
malicious URI link that includes  
hostile HTML and script code. If this link were to be  
followed, the hostile  
code may be rendered in the web browser of the victim  
user. This would occur in  
the security context of the affected Web site and may  
allow for theft of cookie-  
based authentication credentials or other attacks.  
  
This vulnerability is reported to exist in YaBB2 rc1,  
other versions might  
also be affected.   
  
Exploit:  
--------------------  
http://www.example.com/YaBB.pl?action=usersrecentposts;username=<IFRAME%20SRC%3Djavascript:alert('XSS-Vulnerability')><%252FIFRAME>  
  
  
Solution:  
--------------------  
no solution at this time.  
  
  
Credit:  
--------------------  
Discovered by PersianHacker.NET Security Team  
by Alireza Hassani (trueend5 yahoo com)  
http://www.PersianHacker.NET  
  
  
Help  
--------------------  
Read our whitepaper about XSS Vulnerability (only in  
FARSI language):  
http://www.persianhacker.net/articles/article-2322.html  
visit: http://www.PersianHacker.NET  
or mail me @: trueend5 yahoo com  
  
& 2 iranians all around the world: Happy 4shanbesoori and Happy New Year  
`
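
A defender-side check for the issue described in the advisory above, added here as an example (not part of the original advisory or of YaBB's code): it scans web server access logs for usersrecentposts requests whose username parameter contains markup. It assumes combined-format log lines; the sample lines and function names are constructed for illustration, parameters are split on ';' as in the advisory's URL, and decoding is repeated because that URL carries a double-encoded %252F.

```python
import re
from urllib.parse import urlsplit, unquote

# Constructed sample access-log lines (client addresses from the documentation range).
SAMPLE_LOG = """\
192.0.2.10 - - [17/Mar/2005:10:00:00 +0000] "GET /YaBB.pl?action=usersrecentposts;username=alice HTTP/1.1" 200 5120
192.0.2.11 - - [17/Mar/2005:10:00:05 +0000] "GET /YaBB.pl?action=usersrecentposts;username=<IFRAME%20SRC%3Djavascript:alert('XSS-Vulnerability')><%252FIFRAME> HTTP/1.1" 200 5340
192.0.2.12 - - [17/Mar/2005:10:00:09 +0000] "GET /YaBB.pl?action=usersrecentposts;username=%253Cb%253E HTTP/1.1" 200 5200
192.0.2.13 - - [17/Mar/2005:10:00:12 +0000] "GET /YaBB.pl?action=display;num=1110000000 HTTP/1.1" 200 8000
""".splitlines()

REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
MARKUP = re.compile(r'[<>"]')  # needed to open a tag or break out of an attribute

def fully_decode(value, max_rounds=5):
    """Percent-decode repeatedly so %253C -> %3C -> < is seen in clear."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def yabb_params(url):
    """Split the query on ';' (YaBB style, as in the advisory URL) and on '&'."""
    params = {}
    for pair in re.split(r"[;&]", urlsplit(url).query):
        name, _, value = pair.partition("=")
        if name:
            params[name.lower()] = value
    return params

def suspicious_requests(log_lines):
    """Return (client, decoded username) for flagged usersrecentposts requests."""
    hits = []
    for line in log_lines:
        m = REQUEST.search(line)
        if not m:
            continue
        params = yabb_params(m.group(1))
        if params.get("action", "").lower() != "usersrecentposts":
            continue
        username = fully_decode(params.get("username", ""))
        if MARKUP.search(username):
            hits.append((line.split()[0], username))
    return hits

if __name__ == "__main__":
    for client, username in suspicious_requests(SAMPLE_LOG):
        print(client, repr(username))
```

A parser that splits only on '&' or decodes once would miss the third sample line. Detection of this kind complements, and does not replace, HTML-encoding the username value where the page is generated.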
