XSS vulnerability in guestbook-php-script

2006-02-14T00:00:00
ID SECURITYVULNS:DOC:11419
Type securityvulns
Reporter Securityvulns
Modified 2006-02-14T00:00:00

Description

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


SySS-Advisory: XSS-vulnerability in guestbook-php-script


Problem discovered: February 3rd 2006
Vendor contacted: February 7th 2006
Advisory published: February 13th 2006

AUTHOR: Micha Borrmann (borrmann@syss.de)
SySS GmbH
D-72070 Tuebingen / Germany

APPLICATION: gastbuch
AFFECTED VERSION: all < 1.3.3 (1.3.2 tested)

Remotely exploitable: Yes

SEVERITY: Medium

DESCRIPTION: The guestbook software published on http://www.php4scripte.de/gast.php allows HTML and JavaScript code to be injected via the "URL" field, which is written back into the guestbook page without escaping.

EXAMPLE: http://www.site.com/"<script>alert(123)</script>"
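The following is an added example, not the gastbuch script's own code: a minimal PHP renderer for a guestbook entry's "URL" field, shown once in the vulnerable form the advisory describes (the submitted value is placed straight into the link markup) and once in a hardened form that only accepts http(s) URLs and HTML-escapes the value before output. Function names and the sample inputs are constructed for illustration.

```php
<?php
// Added example (hypothetical code, not from gastbuch): rendering the
// guestbook "URL" field with and without output escaping.

// Vulnerable rendering: the user-supplied value lands unescaped inside the
// href attribute and the link text, so any HTML or script in it is executed
// by the browser of everyone who views the guestbook.
function render_url_vulnerable(string $url): string
{
    return '<a href="' . $url . '">' . $url . '</a>';
}

// Hardened rendering:
//  1. only http/https URLs with a parsable host are accepted (an allowlist on
//     the scheme keeps non-web URL schemes out of the href entirely);
//  2. the surviving value is escaped for the HTML attribute and text context,
//     so quotes and angle brackets can no longer break out of the markup.
function render_url_safe(string $url): string
{
    $url = trim($url);
    $parts = parse_url($url);
    if ($parts === false
        || !isset($parts['scheme'], $parts['host'])
        || !in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return '';   // reject anything that is not a plain http(s) URL
    }
    $escaped = htmlspecialchars($url, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<a href="' . $escaped . '" rel="nofollow">' . $escaped . '</a>';
}

// Constructed inputs: a benign URL and the payload quoted in the advisory.
$inputs = [
    'http://www.example.com/page',
    'http://www.site.com/"<script>alert(123)</script>"',
];

foreach ($inputs as $input) {
    echo "input:      " . $input . "\n";
    echo "vulnerable: " . render_url_vulnerable($input) . "\n";
    echo "safe:       " . render_url_safe($input) . "\n\n";
}
```

Run with `php render.php`. For the advisory's example input the vulnerable function emits a live `<script>` element, while the hardened function emits `&quot;&lt;script&gt;...` inside the attribute and link text, which the browser renders as literal characters. Note that the scheme check alone would not have stopped this particular input (it is still an http URL); the escaping step is what neutralizes it, and both checks are needed to cover both failure modes.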

VENDOR STATUS: The vendor published a fixed version (1.3.3) on http://www.php4scripte.de less than five hours after the problem was reported.

-----BEGIN PGP SIGNATURE-----

iD8DBQFD8LQv5r2byszldyARAl9IAJ9n+jrUZnCExYy2B+Gc3nbDZ7h6EQCfYi4q
sPY/y7iexfBvUzOoq69DnuQ=
=XMsJ
-----END PGP SIGNATURE-----