BBCode XSS Vulnerability in M. Blom HTML::BBCode

Summary

Vulnerability: BBCode XSS Vulnerability in M. Blom HTML::BBCode
Discovered: 2006.02.14
Last Update: 2006.02.16 CVE entry added
ID: EV0080
CVE: CVE-2006-0735
Risk Level: medium
Type: Cross Site Scripting
Status: Patched
Vendor: n/a
Vulnerable Software: M. Blom HTML::BBCode (http://menno.b10m.net/perl/)
Version: 1.04, 1.03 and earlier
PoC/Exploit: Available
Solution: Available
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)

Description

A Cross Site Scripting vulnerability was found in the M. Blom HTML::BBCode (http://menno.b10m.net/perl/) Perl module.

Arbitrary script code can be inserted through the BBCode [url] and [img] tags, because the URL given in those tags is placed into the generated HTML without checking its scheme.

Vulnerable script file: any script that renders the module's HTML output to a browser.

PoC/Exploit

BBCode Cross-Site Scripting examples:

[img]javascript:alert(123)[/img]

[url=javascript:alert(123)]Click me[/url]

Solution

The problem is fixed in version 1.05.

http://menno.b10m.net/perl/dists/HTML-BBCode-1.05.tar.gz
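The two payloads above work because a javascript: URL is copied straight into an href or src attribute. The following is an added illustration, written in Python for this advisory and not code from HTML::BBCode or its 1.05 fix, of the check a BBCode renderer needs: the URL taken from [url=...] and [img] is parsed, its scheme is compared against an allowlist (http and https only, an assumption chosen here), and everything emitted into the page is HTML-escaped. Tags whose URL fails the check are rendered as plain text. The sample BBCode strings in the block are constructed; the function names `safe_url` and `render_bbcode` are this example's own.

```python
import html
import re
from typing import Optional
from urllib.parse import urlsplit

# Allowlist of URL schemes that may appear in href/src (an assumption for this example).
SAFE_SCHEMES = {"http", "https"}

# Matches [img]URL[/img] and [url=URL]label[/url]; case-insensitive like most BBCode parsers.
TAG_RE = re.compile(
    r"\[img\](?P<img>.*?)\[/img\]"
    r"|\[url=(?P<href>[^\]]*)\](?P<label>.*?)\[/url\]",
    re.IGNORECASE | re.DOTALL,
)


def safe_url(raw: str) -> Optional[str]:
    """Return an attribute-safe URL if its scheme is allowlisted, else None.

    Control characters and whitespace are removed before parsing because
    browsers ignore them when reading the scheme ("java\\tscript:" still runs).
    """
    candidate = re.sub(r"[\x00-\x20]", "", raw)
    try:
        scheme = urlsplit(candidate).scheme.lower()
    except ValueError:
        return None
    if scheme not in SAFE_SCHEMES:
        # Covers javascript:, data:, vbscript: and scheme-relative "//host" forms.
        return None
    return html.escape(candidate, quote=True)


def render_bbcode(text: str) -> str:
    """Convert [img] and [url] BBCode to HTML, escaping all text and rejecting unsafe URLs."""
    out = []
    pos = 0
    for m in TAG_RE.finditer(text):
        # Plain text between tags is always escaped.
        out.append(html.escape(text[pos:m.start()], quote=True))
        pos = m.end()
        if m.group("img") is not None:
            src = safe_url(m.group("img"))
            if src is None:
                # Unsafe scheme: show the tag literally instead of emitting <img>.
                out.append(html.escape(m.group(0), quote=True))
            else:
                out.append(f'<img src="{src}" alt="">')
        else:
            href = safe_url(m.group("href"))
            label = html.escape(m.group("label"), quote=True)
            if href is None:
                # Unsafe scheme: keep the visible label, drop the link.
                out.append(label)
            else:
                out.append(f'<a href="{href}">{label}</a>')
    out.append(html.escape(text[pos:], quote=True))
    return "".join(out)


if __name__ == "__main__":
    # Constructed samples: the two advisory payloads, a case/whitespace variant and a benign link.
    for sample in (
        "[img]javascript:alert(123)[/img]",
        "[url=javascript:alert(123)]Click me[/url]",
        "[url=JaVa\tScRiPt:alert(1)]variant[/url]",
        "[url=https://example.com/?a=1&b=2]site[/url]",
    ):
        print(sample, "->", render_bbcode(sample))
```

The allowlist is deliberately stricter than a blocklist of "javascript:" strings: scheme-relative and unknown schemes are refused too, and the scheme is read after stripping the characters browsers skip, so a case or tab variant of the advisory payloads is handled the same way as the plain form.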