me.mello Posted June 23, 2012 Report Posted June 23, 2012 $------------------------------------------------------------------------------------------------------------$ vBulletin 4.2.0 XSS Vulnerability $ Author : sangteamtham $ Home : Hcegroup.vn $ Download: http://members.vbulletin.com/ $ Date :06/13/2012 $ Google Dork: "Powered by vBulletin® Version 4.2.0"$ Twitter: http://twitter.com/Sangte_amtham$************************************************************************************************************* 1.vBulletin Description: Content publishing, search, security, and more— vBulletin has it all. Whether it’s available features, support, or ease-of-use, vBulletin offers the most for your money. Learn more about what makes vBulletin the choice for people who are serious about creating thriving online communities.2. Vulnerability Description:To steal cookie from administrator or any member in a forum or drive them to malicious sites, attacker will firstly create an account, then come to calendar section, and create an event for himself. In title, he will inject XSS code there. For sample:"><img src=x onerror=alert(1)> In content section, he will write everything he likes. Now, he will send his profile to Administrator or any memberand wait for cookie or victims' infection.http://127.0.0.1/vbb/member.php?id-xyzvBulletin 4.2 (Suite & Forum) PL2 Security Patch Now Available.A recent vBulletin report indicated that there was a potential XSS exploit vector involving the new Activity Stream. Once the cause of the issue was isolated, code changes were made to eliminate the reported threat.This issue affects ONLY vBulletin 4.2 (Suite & Forum).A patch has been issued for vBulletin 4.2.Patches are available at Please Log In.As with all security-based releases, we recommend that all affected customers upgrade as soon as possible.For additional information, click here Sursa: vBulletin 4.2.0 Cross Site Scripting ? Packet Storm Quote
