BBCode XSS Vulnerabilities in My Blog

Summary

Vulnerability: BBCode XSS Vulnerabilities in My Blog
Discovered: 2006.02.13
Last Update: 2006.02.16 CVE entry added
ID: EV0079
CVE: CVE-2006-0735
Risk Level: low
Type: Cross Site Scripting
Status: Patched
Vendor: n/a
Vulnerable Software: My Blog (http://fuzzymonkey.net/cgi-bin/download.cgi?file=blog)
Version: My Blog 1.63
PoC/Exploit: Available
Solution: Available
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)

Description

A cross-site scripting vulnerability was found in the My Blog (http://fuzzymonkey.net/cgi-bin/download.cgi?file=blog) script.

Arbitrary script code can be inserted through the BBCode [url] and [img] tags.

PoC/Exploit

BBCode cross-site scripting examples:

[img]javascript:alert(123)[/img]

[url=javascript:alert(123)]Click me[/url]

Solution

Install the new version, 1.65, or replace the BBCode.pm module with the new one from:
http://menno.b10m.net/perl/dists/HTML-BBCode-1.05.tar.gz
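
The following is an added example, not code from My Blog or HTML::BBCode: a minimal Perl renderer for [url] and [img] that HTML-escapes the input and only emits a link or image when the target starts with an allowlisted scheme. The function names and the http/https-only policy are assumptions made for illustration.

```perl
#!/usr/bin/perl
# Added example: allowlist URL schemes before BBCode [url]/[img] targets reach
# an href or src attribute. Not code from My Blog or HTML::BBCode; the
# function names are hypothetical.
use strict;
use warnings;

my %ALLOWED_SCHEME = map { $_ => 1 } qw(http https);

# Escape the characters that are significant in HTML text and quoted attributes.
sub esc_html {
    my ($s) = @_;
    my %ent = ('&' => '&amp;', '<' => '&lt;', '>' => '&gt;', '"' => '&quot;', "'" => '&#39;');
    $s =~ s/([&<>"'])/$ent{$1}/g;
    return $s;
}

# True only for targets that start with an allowlisted scheme. Everything else
# (javascript:, data:, relative paths, leading whitespace) fails closed.
sub url_allowed {
    my ($url) = @_;
    return 0 unless $url =~ /\A([A-Za-z][A-Za-z0-9+.\-]*):/;
    return $ALLOWED_SCHEME{ lc $1 } ? 1 : 0;
}

sub render_bbcode {
    my ($text) = @_;
    $text = esc_html($text);    # escape first: no raw markup or quotes survive
    $text =~ s{(\[img\](.*?)\[/img\])}{
        my ($tag, $url) = ($1, $2);
        url_allowed($url) ? qq{<img src="$url" alt="">} : $tag;
    }gise;
    $text =~ s{(\[url=([^\]]+)\](.*?)\[/url\])}{
        my ($tag, $url, $label) = ($1, $2, $3);
        url_allowed($url) ? qq{<a href="$url" rel="nofollow">$label</a>} : $tag;
    }gise;
    return $text;
}

# Constructed sample posts: the advisory's two PoC strings and two benign tags.
for my $post (
    '[img]javascript:alert(123)[/img]',
    '[url=javascript:alert(123)]Click me[/url]',
    '[img]https://example.com/pic.png[/img]',
    '[url=http://example.com/?a=1&b=2]Click me[/url]',
) {
    print render_bbcode($post), "\n";
}
```

Rejected tags are left in the output as escaped plain text, so a rejected post stays visible to moderators without becoming active markup.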