Edit Report

Our sensors found this exploit at: http://cxsecurity.com/ascii/WLB-2013030025

Below is a copy:

# Author: Infern0_
# Contact: balut2@o2.pl
# Vendor: http://www.invisionpower.com
# Vulnerability: Persistent XSS
# Vendor informated at: 6 February 2013
# Solution: Disable possibility to use HTML in posts - in administrator panel. Default disabled in v.3.4.2 of IP.B, and code in quote tag is sanitized.

IP.B v3.4.1 is already a stable version of this software.

To reproduce this issue follow this steps(Sometimes you won't have to be logged in. It depend on forum preferences, because someone accept to write post for quests):
1.Go to some topic to add a post.
2. Click in BBCode icon to turn it on(enable that) and write this:
[quote name="<script>alert(document.cookie)</script>"]
Doesn't matter what here, for best something conrete to deceive another users
[quote]
3. Accept this post to send, and voila - here it is. Our persistent XSS.

As you can see vulnerable is variable 'name' in quote tag. You can enter there whatever you want to.

Copyright ©2017 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.