TeamIntell advisory TISA2007-01, Letterman Subscriber Module "Itemid" script insertion vulnerability, impact, mitigation, and contact informatio
`
=========================================================================
TeamIntell Security Advisory TISA2007-01
-------------------------------------------------------------------------
Letterman Subscriber Module "Itemid" Script Insertion
Vulnerability
=========================================================================
Release Date: 14.06.2007
Severity: Less critical
Impact: Cross Site Scripting (XSS)
Status: Official patch available
Software: Letterman Subscriber Module
(mod_letterman)
Developer: http://www.thejfactory.com/
Disclosed: Edi Strosar (TeamIntell)
-------------
Description:
-------------
TeamIntell has reported a vulnerability in Letterman
Subscriber Module (mod_letterman) for Joomla! CMS which
can be exploited by malicious people to conduct script
insertion attacks.
Input passed to the "Itemid" parameter in
mod_lettermansubscribe.php is not properly sanitised
before being used. This can be exploited to insert
arbitrary HTML and script code in a user's browser session
in context of an affected site.
The vulnerability is reported in version 1.2.4-RC1. Other
versions may also be affected.
------------------
Proof of Concept:
------------------
http://localhost/index.php?option=com_letterman&task=view&id=1&Itemid=1"><script>alert(String.fromCharCode(88,83,83))</script>
----------
Solution:
----------
Developer has released version 1.2.5 which fixes this
issue.
---------
Contact:
---------
Maldin d.o.o.
Trzaska cesta 2
1000 Ljubljana - SI
tel: +386 (0)590 70 170
fax: +386 (0)590 70 177
gsm: +386 (0)31 816 400
web: www.teamintell.com
e-mail: [email protected]
------------
Disclaimer:
------------
The content of this report is purely informational and
meant for educational purposes only. Maldin d.o.o. shall
in no event be liable for any damage whatsoever, direct or
implied, arising from use or spread of this information.
Any use of information in this advisory is entirely at
user's own risk.
`
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo