Bugtraq mailing list archives

Re: SMF "index.php?action=pm" Cross Site-Scripting

From: lfx4sodas () gmail com
Date: 21 Jan 2007 18:40:09 -0000

SMF 1.1.1 is vulnerabil too.

solution ->
In file PersonalMessage.php change 1417 and 1418 lines adding htmlspecialchars()
like this ->

        $_REQUEST['to'] = empty($_POST['to']) ? (empty($_GET['to']) ? '' : $_GET['to']) : 
htmlspecialchars(stripslashes($_POST['to']));
        $_REQUEST['bcc'] = empty($_POST['bcc']) ? (empty($_GET['bcc']) ? '' : $_GET['bcc']) : 
htmlspecialchars(stripslashes($_POST['bcc']));

Current thread:

SMF "index.php?action=pm" Cross Site-Scripting Advisory (Jan 20)
- Re: SMF "index.php?action=pm" Cross Site-Scripting Lise Moorveld (Jan 26)
- <Possible follow-ups>
- Re: SMF "index.php?action=pm" Cross Site-Scripting lfx4sodas (Jan 22)
- Re: Re: SMF "index.php?action=pm" Cross Site-Scripting alexbove (Jan 22)
- Re: Re: Re: SMF "index.php?action=pm" Cross Site-Scripting Outlaw (Jan 23)
- Re: Re: Re: Re: SMF "index.php?action=pm" Cross Site-Scripting sirdarckcat (Jan 26)