AOH :: HP Unsorted S :: BU-1617.HTM

ShareTronix 1.0.4 - HTML Injection Vulnerability



ShareTronix 1.0.4 - HTML Injection Vulnerability
ShareTronix 1.0.4 - HTML Injection Vulnerability



ShareTronix - HTML Injection Vulnerability





Version Affected: 1.0.4 (newest)



Info:

Sharetronix Opensource is a multimedia microblogging platform. 

It helps people in a community, company, or group to exchange short messages over the Web.



Credits: MaXe from InterN0T (patched the vulnerability) & Reelix (found the vulnerability)



External Links:

http://sharetronix.com/opensource/ 





-:: The Advisory ::-

The header.php file for showing a single microblog entry does not sanitize the page_title correct.



page_title is set by the user when posting an entry to the microblog platform.



Files:

sharetronix/system/templates/header.php 

00013: <?= $D->page_title ?>

  

sharetronix/system/templates/mobile/header.php 

00014: <?= $D->page_title ?>





-:: Solution ::-

sharetronix/system/templates/header.php 

00013: <?= htmlentities($D->page_title); ?>

  

sharetronix/system/templates/mobile/header.php 

00014: <?= htmlentities($D->page_title); ?>



Disclosure Information: 

- Vulnerability found 26th January

- Patch was made available 26th January

- Vendor and Buqtraq (SecurityFocus) contacted the 26th January

- Will be disclosed on InterN0T 27th January





All of the best,

MaXe 

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.