Thursday, April 19, 2012

HTB23062: XOOPS multiple XSS vulnerabilities

XOOPS version 2.5.4 and probably earlier versions suffer from multiple reflected cross-site scripting (XSS) vulnerabilities. Input passed via the following POST parameters is not properly sanitised before being returned to the user, so an attacker who can make a victim submit a crafted form to the site can execute arbitrary script in the victim's browser in the context of the XOOPS installation:

- "to_userid" to "modules/pm/pmlite.php"
- "current_file", "imgcat_id" and "target" to "class/xoopseditor/tinymce/tinymce/jscripts/tiny_mce/plugins/xoopsimagemanager/xoopsimagebrowser.php"
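As an added illustration (not code from the advisory or from XOOPS itself), the following PHP shows the pattern described above in reduced form: a POST parameter reflected into HTML unencoded, beside a hardened version that encodes for the attribute context and type-checks parameters that are meant to be identifiers. The function names, the parameter handling and the sample payload are constructed for this example and do not describe how XOOPS implements the affected scripts.

```php
<?php
// Added illustration, not XOOPS code: a minimal reflected-XSS pattern of the
// kind the advisory describes (a POST parameter echoed back unsanitised),
// next to a hardened equivalent. Names here are hypothetical.

declare(strict_types=1);

// Vulnerable: the raw parameter is interpolated into an HTML attribute. A
// '"' in the value closes the attribute and any '<' that follows starts a
// new element, so the browser treats attacker input as markup.
function render_vulnerable(array $post): string
{
    $target = $post['target'] ?? '';
    return '<input type="hidden" name="target" value="' . $target . '">';
}

// Hardened: encode for the HTML attribute context. ENT_QUOTES also encodes
// single quotes, which matters if an attribute is ever single-quoted; the
// explicit charset avoids surprises with malformed multi-byte input.
function render_safe(array $post): string
{
    $raw    = $post['target'] ?? '';
    $target = htmlspecialchars((string) $raw, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<input type="hidden" name="target" value="' . $target . '">';
}

// For parameters that are identifiers (a user id, an image-category id),
// validate the type instead of relying on output encoding alone: anything
// that is not an integer is rejected before it reaches a template or query.
function read_int_param(array $post, string $name): ?int
{
    $v = filter_var($post[$name] ?? null, FILTER_VALIDATE_INT);
    return $v === false ? null : $v;
}

// Constructed sample request body: a generic attribute-breakout payload and a
// malformed id. Neither is taken from the advisory.
$sample = [
    'target'    => '"><script>alert(document.domain)</script>',
    'to_userid' => '12abc',
];

echo "vulnerable: ", render_vulnerable($sample), PHP_EOL;
echo "safe:       ", render_safe($sample), PHP_EOL;
var_dump(read_int_param($sample, 'to_userid'));
var_dump(read_int_param(['to_userid' => '42'], 'to_userid'));
```

Run it with `php example.php` and compare the two rendered lines: the vulnerable one contains a live `<script>` element, the safe one contains only entity-encoded text. Output encoding is the fix that applies to every reflected value; the integer check is the extra step for parameters whose only valid form is a number, and is the kind of check that would also have stopped a non-numeric `to_userid` or `imgcat_id` from reaching the page at all.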

Vulnerability ID: HTB23062
Vendor Notification / Patch / Public Disclosure Dates: 7 December 2011 / 22 February 2012 / 18 April 2012
Vulnerabilities Type: Cross-Site Scripting (XSS)
Risk level: Medium
Solution: Fixed by vendor; upgrade to version 2.5.5
Credit: High-Tech Bridge SA Security Research Lab

About XOOPS
XOOPS is a web application platform written in PHP for the MySQL database. Its object orientation makes it an ideal tool for developing small or large community websites, intra company and corporate portals, weblogs and much more.

About High-Tech Bridge SA Security Research Lab
High-Tech Bridge SA Security Research Lab is a unit of High-Tech Bridge's Research & Development Department. Security advisories are provided on a non-profit basis in accordance with Corporate Social Responsibility, with the aim of helping software vendors improve the security of their products.
