oss-sec mailing list archives

CVE request (2009): vanilla forums before 1.1.8

From: Hanno Böck <hanno () hboeck de>
Date: Fri, 8 Oct 2010 23:31:59 +0200

http://gsasec.blogspot.com/2009/05/vanilla-v117-cross-site-scripting.html


Input passed to the 'RequestName' header parameter when posting to 
'/ajax/updatecheck.php' is not sanitized before it is returned to the user. 
This can be exploited to execute arbitrary HTML and script code in a user's 
browser session in context of an affected site.

Please note this should be a CVE-2009 id


-- 
Hanno Böck              Blog:           http://www.hboeck.de/
GPG: 3DBD3B20           Jabber/Mail:    hanno () hboeck de

http://schokokeks.org - professional webhosting

Attachment: signature.asc
Description: This is a digitally signed message part.

Current thread:

CVE request (2009): vanilla forums before 1.1.8 Hanno Böck (Oct 08)
- Re: CVE request (2009): vanilla forums before 1.1.8 Josh Bressers (Oct 11)