SecurityTracker.com Archives - (Vendor Issues Fix) Re: XOOPS Portal Input Validation Flaw in IMG Tags Lets Remote Users Conduct Cross-Site Scripting Attacks

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

SecurityTracker
Archives

Sign Up

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Affiliates

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Partners

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: Application (Forum/Board/Portal) > XOOPS

Vendors: Xoops.sourceforge.net

(Vendor Issues Fix) Re: XOOPS Portal Input Validation Flaw in IMG Tags Lets Remote Users Conduct Cross-Site Scripting Attacks

SecurityTracker Alert ID: 1005300

CVE Reference: GENERIC-MAP-NOMATCH (Links to External Site)

Date: Sep 26 2002

Impact: Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network

Fix Available: Yes Vendor Confirmed: Yes

Version(s): RC3.0.4

Description: An input validation vulnerability was reported in the XOOPS portal software. A remote user can cause arbitrary javascript to be executed on an XOOPS user's computer.

It is reported that a remote user can insert javascript in a news post, as shown:

<IMG SRC="javascript:[javascript]">

When the news post is viewed by a target user, arbitrary scripting code will be executed by the target user's browser. The code will originate from the site running XOOPS and will run in the security context of that site. As a result, the code will be able to access the target user's cookies (including authentication cookies), if any, associated with the site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.

The vendor has reportedly been notified.

Impact: A remote user can access the target user's cookies (including authentication cookies), if any, associated with an XOOPS site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.

Vendor URL: www.xoops.org/modules/news/ (Links to External Site)

Cause: Input validation error

Underlying OS: Linux (Any), UNIX (Any), Windows (Any)

Reported By: Sergio <w4z002@hotmail.com>

Message History: This archive entry is a follow-up to the message listed below.

Sep 24 2002

XOOPS Portal Input Validation Flaw in IMG Tags Lets Remote Users Conduct Cross-Site Scripting Attacks

Source Message Contents

Date: 26 Sep 2002 14:58:20 -0000
From: Sergio <w4z002@hotmail.com>
Subject: Re: Xoops RC3 script injection vulnerability fixed

 

In-Reply-To: <200209241358.g8ODwqx97021@mailserver2.hushmail.com>

RC3.0.5 is released to fix a security vulnerability recently posted on 
Bugtraq ML.

Overview
=======
There was a vunerability when a user previews/submits a news in the News 
module, HTML tags were allowed to process.


Solution
=======
 All users are strongly recommended to download the following packages and 
upgrade to this version.

[b][u][size=large]New Users[/size][/u][/b]
[url=http://www.xoops.org/modules/mydownloads/viewcat.php?cid=16]Download 
Full RC3.0.5 Package[/url]

[b][u][size=large]RC3.0.4 Users[/size][/u][/b]
[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=232]
Download RC3.0.4->RC3.0.5 Upgrade Package (zip)[/url]

[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=231]
Download RC3.0.4->RC3.0.5 Upgrade Package (tar.gz)[/url]


[b][u][size=large]RC3.0.3 Users[/size][/u][/b]
[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=187]
Download RC3.0.3->RC3.0.4 Upgrade Package (zip)[/url]
[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=232]
Download RC3.0.4->RC3.0.5 Upgrade Package (zip)[/url]

[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=186]
Download RC3.0.3->RC3.0.4 Upgrade Package (tar.gz)[/url]
[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=231]
Download RC3.0.4->RC3.0.5 Upgrade Package (tar.gz)[/url]


[b][u][size=large]RC3.0.2 Users[/size][/u][/b]
[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=173]
Download RC3.0.2->RC3.0.3 Upgrade Package (zip)[/url]
[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=187]
Download RC3.0.3->RC3.0.4 Upgrade Package (zip)[/url]
[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=232]
Download RC3.0.4->RC3.0.5 Upgrade Package (zip)[/url]

[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=172]
Download RC3.0.2->RC3.0.3 Upgrade Package (tar.gz)[/url]
[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=186]
Download RC3.0.3->RC3.0.4 Upgrade Package (tar.gz)[/url]
[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=231]
Download RC3.0.4->RC3.0.5 Upgrade Package (tar.gz)[/url]


[b][u][size=large]RC3.0.1 Users[/size][/u][/b]
[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=167]
Download RC3.0.1->RC3.0.2 Upgrade Package (zip)[/url]
[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=173]
Download RC3.0.2->RC3.0.3 Upgrade Package (zip)[/url]
[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=187]
Download RC3.0.3->RC3.0.4 Upgrade Package (zip)[/url]
[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=232]
Download RC3.0.4->RC3.0.5 Upgrade Package (zip)[/url]

[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=160]
Download RC3.0.1->RC3.0.2 Upgrade Package (tar.gz)[/url]
[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=172]
Download RC3.0.2->RC3.0.3 Upgrade Package (tar.gz)[/url]
[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=186]
Download RC3.0.3->RC3.0.4 Upgrade Package (tar.gz)[/url]
[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=231]
Download RC3.0.4->RC3.0.5 Upgrade Package (tar.gz)[/url]


[b][u][size=large]RC3.0.0 Users[/size][/u][/b]
[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=161]
Download RC3.0.0->RC3.0.1 Upgrade Package (zip)[/url]
[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=167]
Download RC3.0.1->RC3.0.2 Upgrade Package (zip)[/url]
[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=173]
Download RC3.0.2->RC3.0.3 Upgrade Package (zip)[/url]
[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=187]
Download RC3.0.3->RC3.0.4 Upgrade Package (zip)[/url]
[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=232]
Download RC3.0.4->RC3.0.5 Upgrade Package (zip)[/url]

[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=168]
Download RC3.0.0->RC3.0.1 Upgrade Package (tar.gz)[/url]
[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=160]
Download RC3.0.1->RC3.0.2 Upgrade Package (tar.gz)[/url]
[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=172]
Download RC3.0.2->RC3.0.3 Upgrade Package (tar.gz)[/url]
[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=186]
Download RC3.0.3->RC3.0.4 Upgrade Package (tar.gz)[/url]
[url=http://www.xoops.org/modules/mydownloads/singlefile.php?lid=231]
Download RC3.0.4->RC3.0.5 Upgrade Package (tar.gz)[/url]


Note
======
>From this release, users are not allowed to use HTML tags when posting 
news/comments. As for forum posts, users can still use HTML as long as  
HTML tags are enabled in the posting forum. However, we advise you to 
always disable HTML posts in forums as well.

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us | Help
Copyright 2002, SecurityGlobal.net LLC