| VID |
21305 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The Invision Power Board package installed on the remote web server is vulnerable to multiple Cross-Site Scripting Vulnerabilities.
Invision Power Board is a PHP-based Web forum software package, distributed by Invision Power Services, Inc. Several versions of Invision Power Board are vulnerable to multiple Cross-Site Scripting Vulnerabilities, caused by insufficient filtering of input supplied via the 'c', 'f', 'showuser', 'username', and 'pop' URI parameters in the vulnerable script. A remote attacker could embed malicious script in these parameters in a specially-crafted HTTP request as the followings:
http://[target_server]/?c='><script>alert(document.cookie)</script>
http://[target_server]/?act=SR&f='><script>alert(document.cookie)</script>
http://[target_server]/?showuser='><script>alert(document.cookie)</script>
http://[target_server]/index.php?act=Reg&CODE=2&coppa_user=0&UserName='><script>alert(document.cookie)</script>
http://[target_server]/index.php?s=&act=chat&pop=1;'><script>alert(document.cookie)</script>
It could allow the embedded scripts to be executed in the browser of a victim user who visits the malicious link, and allow a remote attacker to steal the victim's cookie-based authentication or to perform other attacks.
* References:
http://archives.neohapsis.com/archives/bugtraq/2004-03/0082.html
http://archives.neohapsis.com/archives/bugtraq/2004-03/0056.html
* Platforms Affected:
Invision Power Board 1.3 Final
Invision Power Board 1.3.1 Final
Any operating system Any version |
| Recommendation |
No upgrade or patch for this vulnerability available as of June 2014. |
| Related URL |
CVE-2004-0359 (CVE) |
| Related URL |
9768 (SecurityFocus) |
| Related URL |
15403,15448 (ISS) |
|
