TISA2007-01.txt

Published 15 Jun 2007. Reported by Maldin d.o.o. Source: packetstorm (packetstormsecurity.com).

TeamIntell advisory TISA2007-01, Letterman Subscriber Module "Itemid" script insertion vulnerability, impact, mitigation, and contact information

`  
=========================================================================  
TeamIntell Security Advisory TISA2007-01  
-------------------------------------------------------------------------  
Letterman Subscriber Module "Itemid" Script Insertion   
Vulnerability  
=========================================================================  
  
  
Release Date: 14.06.2007  
Severity: Less critical  
Impact: Cross Site Scripting (XSS)  
Status: Official patch available  
Software: Letterman Subscriber Module (mod_letterman)  
Developer: http://www.thejfactory.com/  
Disclosed: Edi Strosar (TeamIntell)  
  
  
-------------   
Description:  
-------------  
  
TeamIntell has reported a vulnerability in Letterman   
Subscriber Module (mod_letterman) for Joomla! CMS which   
can be exploited by malicious people to conduct script   
insertion attacks.  
  
Input passed to the "Itemid" parameter in   
mod_lettermansubscribe.php is not properly sanitised   
before being used. This can be exploited to insert   
arbitrary HTML and script code in a user's browser session   
in context of an affected site.  
  
The vulnerability is reported in version 1.2.4-RC1. Other   
versions may also be affected.  
  
  
------------------  
Proof of Concept:  
------------------  
  
http://localhost/index.php?option=com_letterman&task=view&id=1&Itemid=1"><script>alert(String.fromCharCode(88,83,83))</script>  
  
  
----------  
Solution:  
----------  
The developer has released version 1.2.5, which fixes this   
issue.  
  
  
---------  
Contact:  
---------  
  
Maldin d.o.o.  
Trzaska cesta 2  
1000 Ljubljana - SI  
  
tel: +386 (0)590 70 170  
fax: +386 (0)590 70 177  
gsm: +386 (0)31 816 400  
web: www.teamintell.com  
e-mail: [email protected]  
  
  
------------  
Disclaimer:  
------------  
  
The content of this report is purely informational and   
meant for educational purposes only. Maldin d.o.o. shall   
in no event be liable for any damage whatsoever, direct or   
implied, arising from use or spread of this information.   
Any use of information in this advisory is entirely at   
user's own risk.  
  
`
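The proof of concept above closes a double-quoted attribute with `">` and then supplies its own tag, which tells a defender that the module reflects `Itemid` into HTML attribute context without escaping. The module's real source is not reproduced in the advisory, so the following is an added illustration, not code from mod_letterman or thejfactory.com: a hypothetical rendering of the vulnerable pattern beside the hardened form (integer cast plus output escaping), fed the advisory's own PoC value.

```php
<?php
// Added example; the real mod_lettermansubscribe.php is not on the page.
// The vulnerable function is a hypothetical reconstruction of what the
// PoC implies: Itemid is echoed inside a double-quoted attribute unescaped.

// Vulnerable pattern (hypothetical): a value such as 1"><script>...</script>
// terminates the attribute and the tag, so the remainder becomes markup.
function render_form_vulnerable(array $request): string
{
    $itemid = $request['Itemid'] ?? '';
    return '<input type="hidden" name="Itemid" value="' . $itemid . '" />';
}

// Hardened form. Itemid is a Joomla! menu item id, so it is cast to an
// integer first (any non-numeric tail is discarded). The value is still
// escaped on output as defence in depth; ENT_QUOTES also encodes the
// single quote, covering attributes delimited either way.
function render_form_fixed(array $request): string
{
    $itemid = (int) ($request['Itemid'] ?? 0);
    return '<input type="hidden" name="Itemid" value="'
        . htmlspecialchars((string) $itemid, ENT_QUOTES, 'UTF-8') . '" />';
}

// Constructed request carrying the advisory's proof-of-concept value.
$poc = ['Itemid' => '1"><script>alert(String.fromCharCode(88,83,83))</script>'];

echo "Vulnerable: ", render_form_vulnerable($poc), PHP_EOL;
echo "Fixed:      ", render_form_fixed($poc), PHP_EOL;

// Regression-style check: the hardened output must not contain an injected tag.
$safe = strpos(render_form_fixed($poc), '<script') === false;
echo $safe ? "Fixed output contains no injected tag" : "Escaping failed", PHP_EOL;
```

The integer cast alone would have closed this particular hole, but escaping every reflected value with `htmlspecialchars()` is what protects the rest of the module when a parameter is not numeric.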
