Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web BBS :: etc :: bt61.txt

XOOPS MyTextSanitizer CSS 1.3x & 2.x







Author: Doxical & Magistrat

http://www.blocus-zone.com

Date: 25/04/2003



Object: XOOPS MyTextSanitizer Filtering Bug Allows Remote Users to Conduct 

Cross-Site Scripting Attacks in many modules: News, newbb, private 

messages, signatures etc...

Impact: Disclosure of authentication information, Execution of arbitrary 

code via network, Modification of user information, admin account 

hijacking.

Fix: yes



introduction



After glossary and gallery modules of xoops, we have found an another 

vulnerability in MytextSanitizer function who permit somme CSS injection 

in xoops versions 1.3.x to 2.x 



Description of the MyTextSanitizer script :



This is just the function on xoops who filters the unauthorized characters 

or malicious scripts.



The vulnerability :



A remote user can bypass Sanitizer and conduct cross-site scripting 

attacks with a post in a topic in board (newbb) send malicious private 

message to admin, insert script in the news comment...



Example : 



java script:alert%28document.cookie%29

with img tags



History: 



-the team of xoops.org was prevented on 04/21/2003

-Patch are now available since 04/25/2003



Regards


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH