Bugtraq mailing list archives
RE: Open Bulletin Board javascript bug.
From: "Nate Pinchot" <npinchot () ccservice cc>
Date: Thu, 28 Feb 2002 09:07:00 -0500
OpenBB is free php-based forum.

Exploit: [img]javasCript:alert('Hello world.')[/img]

Vulnerable systems: All versions of Open Bulletin Board including v.1.0.0

Immune systems: None

Solution: All url's in [img] tags should start with "http://"
I had actually informed them about this bug a long time ago and they informed me they were working on a patch. This was 2 months ago. Since you posted this to bugtraq they finally released a patch.

The patch can be found here: http://community.iansoft.net/read.php?TID=5159

For any who care about the technical details of the patch, they did NOT filter [img] tags so that they start with http:// as suggested. They filtered javascript: and some other hex codes. Chances are it is still vulnerable, and I informed them of this; they don't seem to care.
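
The fix suggested in the advisory (accept only [img] URLs that start with http://) can be written as an allowlist check, shown here as an added example that is not part of the original post and is not OpenBB's code. The function names, the extra character-set restriction and the sample posts are assumptions made for illustration.

```php
<?php
// Added example: allowlist rendering of [img] tags (hypothetical helper
// names; not OpenBB's code).

// Accept only absolute http:// URLs built from a conservative character set
// (the character set is an assumption that goes beyond the advisory's
// "must start with http://"). Everything else is rejected, so no list of
// bad schemes or encodings has to be maintained.
function is_allowed_img_url(string $url): bool
{
    // \A and \z anchor the whole string: no whitespace, quotes or brackets.
    $pattern = '#\Ahttp://[A-Za-z0-9.-]+(:\d{1,5})?(/[A-Za-z0-9._~/%?&=+-]*)?\z#';
    return preg_match($pattern, $url) === 1;
}

// Replace each [img]...[/img] with an <img> element, or leave it as inert,
// HTML-escaped text when the URL fails the allowlist.
function render_img_tags(string $post): string
{
    // Escape the whole post first so user text can never become markup.
    $safe = htmlspecialchars($post, ENT_QUOTES, 'UTF-8');

    return preg_replace_callback(
        '#\[img\](.*?)\[/img\]#is',
        function (array $m): string {
            // Undo the escaping only to validate the URL as the user typed it.
            $url = htmlspecialchars_decode($m[1], ENT_QUOTES);
            if (!is_allowed_img_url($url)) {
                return $m[0]; // stays escaped text, never an attribute value
            }
            return '<img src="' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '" alt="">';
        },
        $safe
    );
}

// Constructed sample posts; the second is the string quoted in the advisory.
$samples = [
    "[img]http://example.com/pics/cat.png[/img]",
    "[img]javasCript:alert('Hello world.')[/img]",
    "[IMG]ftp://example.com/a.png[/IMG]",
];
foreach ($samples as $s) {
    echo render_img_tags($s), "\n";
}
```

Only the first sample is rendered as an image; the other two are emitted as escaped text because they do not match the one accepted form, regardless of how the scheme is spelled or cased.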