Full Disclosure mailing list archives
Unpatched phpBB XSS [in 2.0.16]
From: Aaron Horst <anthrax101 () gmail com>
Date: Tue, 5 Jul 2005 16:43:04 -0400
This exploit is already circulating, so I am posting a notice here. There is a way to exploit IE's HTML rendering engine to render invalid HTML code, embedded within a link. This can be used to bypass phpBB's filtering system to cause a cross site scripting issue. A description in Russian is available here: http://antichat.ru/txt/phpbb/ PoC is included with the description. I would advise administrators to disable the rendering of BBCode for the time being, this mitigates the issue. -- AnthraX101 -- PGP Key ID# 0x4CD6D0BD Fingerprint: 8161 D008 3DAB 86C1 2CA3 AEDE 0E21 DBDE 4CD6 D0BD _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Unpatched phpBB XSS [in 2.0.16] Aaron Horst (Jul 05)
- Re: Unpatched phpBB XSS [in 2.0.16] Dominik Birk (Jul 06)