Ledscripts LedForums Multiple Fields HTML Injection Vulnerability
2014-07-01T00:00:00
ID: SSV:77084
Type: seebug
Reporter: Root
Modified: 2014-07-01T00:00:00
Description
No description provided by source.
source: http://www.securityfocus.com/bid/8934/info
It has been reported that LedForums is prone to an HTML injection vulnerability that may allow an attacker to execute HTML code in a user's browser. The issue is reported to be present in the 'top_message' and 'topic' fields. This problem is due to insufficient sanitization of user-supplied input.
Successful exploitation of this vulnerability may allow an attacker to steal cookie-based authentication credentials. Other attacks are also possible.
LedForums Beta 1 has been reported to be vulnerable to this issue.
http://www.example.com/~path/index.php?top_message=<script>alert(document.cookie)</script>
http://www.example.com/~path/index.php?top_message=<h1>OWNED?%20*g*</h1>
<script>window.location='http://www.example.org'</script>
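Added example, not part of the original advisory and not LedForums code: a log-review helper that flags requests whose 'top_message' or 'topic' parameter carries HTML markup, next to the output encoding that stops such values from being rendered as markup. The function names, the markup heuristic and the sample requests are assumptions constructed for illustration.

```python
import html
import re
from urllib.parse import urlsplit, parse_qs

# Fields the advisory names as reflected without sanitization.
WATCHED_FIELDS = ("top_message", "topic")
# Heuristic (assumption): "<" followed by a letter, "/" or "!" starts markup.
MARKUP = re.compile(r"<[a-zA-Z/!]")


def render_safe(value):
    """Encode a field value for an HTML text or attribute context."""
    return html.escape(value, quote=True)


def flag_request(url):
    """Return (field, decoded value) pairs for watched fields carrying markup."""
    query = urlsplit(url).query
    hits = []
    # parse_qs percent-decodes values, so encoded markup is caught as well.
    for field, values in parse_qs(query, keep_blank_values=True).items():
        if field in WATCHED_FIELDS:
            hits.extend((field, v) for v in values if MARKUP.search(v))
    return hits


# Constructed sample request targets (not taken from real logs).
SAMPLE_REQUESTS = [
    "/~path/index.php?top_message=Welcome%20back",
    "/~path/index.php?top_message=%3Ch1%3Enotice%3C%2Fh1%3E",
    "/~path/index.php?topic=%3Cscript%3Ealert(1)%3C/script%3E&page=2",
    "/~path/index.php?page=3&q=%3Cb%3E",  # markup, but not a watched field
]


def scan(requests):
    """Map each flagged request to its hits, with the encoded form for review."""
    report = {}
    for url in requests:
        hits = flag_request(url)
        if hits:
            report[url] = [(f, v, render_safe(v)) for f, v in hits]
    return report


if __name__ == "__main__":
    for url, hits in scan(SAMPLE_REQUESTS).items():
        for field, raw, encoded in hits:
            print(f"{field}: {raw!r} -> rendered as {encoded!r}")
```

The encoding step belongs at the point where the application writes the field into the page; the log check only helps find past or ongoing attempts.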