###############################################
Vuln. discovered by : r0t
Date: 21 June 2007
vendor:www.interactole.org
affected versions: tested on "Interact 2.4 beta 1"
other versions also can be affected.
###############################################
Interact contains a multiple flaws that allows a remote Cross-Site Scripting attacks.Input passed to the "module_key" parameter in almost
all files wich use this parameter isn't properly sanitised before being returned to the user.
in example:
modules/kb/kb.php,
modules/quiz/runquiz.php
modules/quiz/quiz.php
modules/forum/forum.php
modules/forum/byname.php
modules/journal/journalview.php
And Input passed to the "tag_key" parameter in "modules/journal/journalview.php" isn't properly sanitised before being returned to the user.
And Input passed to the "user_group_key" parameter in "users/secureaccounts.php" isn't properly sanitised before being returned to the user.
And Input passed to the "request_uri" parameter in "login.php" isn't properly sanitised before being returned to the user.
This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
###############################################
Solution:
Edit the source code to ensure that input is properly sanitised.
###############################################
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment