XSS Vulnerability in Tag Board

Summary

Vulnerability: XSS Vulnerability in Tag Board
Discovered: 2006.08.21
Last Update: 2006.08.31 Exploitation code published
ID: EV0137
CVE: n/a
Risk Level: low
Type: Cross Site Scripting
Status: Unpatched. No reply from developer(s)
Vendor: CloudNine Interactive (http://www.cloudnineinteractive.co.uk/)
Vulnerable Software: Tag Board (http://www.cloudnineinteractive.co.uk/stuffforyou.htm)
Version: 3.0
PoC/Exploit: Available
Solution: Not available
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)

Description

A cross-site scripting vulnerability was found in the Tag Board (http://www.cloudnineinteractive.co.uk/stuffforyou.htm) script.

Cross-Site Scripting.

Vulnerable Script: tag.php

The cjmsg parameter is not properly sanitized. This can be used to post arbitrary HTML or web script code.

PoC/Exploit

Cross-Site Scripting Example.

URL: http://host/index.php
Message: [url=aaa.com" onmouseover="alert(123)" aa="]aaaa[/url]


Solution.

A solution for "XSS Vulnerability in Tag Board" is not available. Check the CloudNine Interactive website for updates.
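
The following is an added example, not part of the original advisory and not Tag Board's code: one way a PHP board could render [url=...] tags so that the message from the PoC section stays inert. The function names render_message and is_allowed_url are hypothetical, and it assumes PHP 7 or later and that the board turns [url] BBCode into an anchor tag.

```php
<?php
// Added example: hypothetical helpers, not taken from Tag Board's tag.php.

/**
 * Render a user-supplied message with [url=...]...[/url] support.
 * Everything is HTML-escaped first, so the only markup in the output
 * is what this function generates itself.
 */
function render_message(string $raw): string
{
    // ENT_QUOTES encodes both " and ', so a value cannot close an attribute.
    $safe = htmlspecialchars($raw, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    $out = preg_replace_callback(
        '#\[url=([^\]\s]+)\](.+?)\[/url\]#is',
        function (array $m): string {
            // Decode to validate the real URL, then re-encode on output.
            $url = htmlspecialchars_decode($m[1], ENT_QUOTES);
            if (!is_allowed_url($url)) {
                return $m[0]; // keep the already-escaped tag as plain text
            }
            $href = htmlspecialchars($url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            return '<a href="' . $href . '" rel="nofollow noopener">' . $m[2] . '</a>';
        },
        $safe
    );

    return $out ?? $safe; // on a regex error, fall back to escaped text
}

function is_allowed_url(string $url): bool
{
    // Allow-list the scheme; this rejects javascript:, data: and scheme-less values.
    $scheme = parse_url($url, PHP_URL_SCHEME);
    if (!is_string($scheme) || !in_array(strtolower($scheme), ['http', 'https'], true)) {
        return false;
    }
    // Reject quotes, angle brackets, whitespace and control characters.
    return preg_match('/["\'<>\s\x00-\x1f]/', $url) !== 1;
}

// Constructed input: the message from the PoC section, then a benign link.
echo render_message('[url=aaa.com" onmouseover="alert(123)" aa="]aaaa[/url]'), "\n";
echo render_message('[url=http://example.com/]ok[/url]'), "\n";
```

With the PoC message, the quotes are encoded as &quot; and the tag is left as literal text, so no onmouseover attribute reaches the page; only the second message becomes a link.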