CVE-2014-3149 - Reflected Cross-Site Scripting (XSS) in "Invisio
CVE-2014-3149
===================
"Reflected Cross-Site Scripting (XSS)" (CWE-79) vulnerability in "Invision Power IP.Board" product
Vendor
===================
Invision Power Services Inc.
Product
===================
IP.Board
"IP.Board is the leading solution for creating an engaging discussion forum on the web.
Trusted by thousands of forums, large and small." - source: https://www.invisionpower.com/apps/board/
Affected versions
===================
This vulnerability affects versions of IP.Board prior to 3.4.6 as well as versions 3.3.x
Patch
===================
The vendor has released patches for versions 3.4.x and 3.3.x at
http://community.invisionpower.com/topic/399747-ipboard-33x-34x-security-update/
Reported by
===================
This issue was reported to the vendor by Christian Schneider (@cschneider4711)
following a responsible disclosure process.
Severity
===================
Low
Exploitability
===================
Clickjacking or social engineering required
Description
===================
Using a specially crafted request to access the web forum software IP.Board, it
is possible to execute Reflected Cross-Site Scripting (XSS) attacks. Due to a
token-based CSRF protection, the actual exploitation is somewhat limited, since
attackers have to trick victims (using Clickjacking or social engineering)
into submitting attacker-supplied content.
Proof of concept
===================
Due to the responsible disclosure process chosen and to not harm unpatched systems,
no concrete exploit code will be presented in this advisory.
References
===================
http://community.invisionpower.com/topic/399747-ipboard-33x-34x-security-update/
http://www.christian-schneider.net/advisories/CVE-2014-3149.txt