On Wed, Aug 03, 2011 at 06:37:32PM +0600, HAroon . wrote: > *Advisory Information* > > Title: vBulletin Cross Site Scripting Vulnerability > > Date published: 02-08-2011 > > Vendors contacted: vBulletin team > > > > *Vulnerability Information* > > Class: XSS flaw > > Vulnerable page: Admin Login Page (admincp) > > Remotely Exploitable: Yes > > Locally Exploitable: No > > > > *Vulnerability Description* > > vBulletin is a community forum solution for a wide range of users, > including industry leading companies. A XSS vulnerability has been discovered > that could allow an attacker to carry out an action impersonating a legal > user, > or to obtain access to a user's account. > > This flaw allows unauthorized disclosure and modification of information, > and it allows disruption of service. > > > > *Vulnerable versions* > > 4.1.3pl3, 4.1.4pl3 & 4.1.5pl1 > > > > *Non-vulnerable Packages* > > . vBulletin prior to 4.1.3 > > *Vendor Information, Solutions and Workarounds* > > vBulletin team has released patches for this flaw and patch is released on > 02-08-2011. > https://www.vbulletin.com/forum/showthread.php/385133-vBulletin-4.1.3-4.1.4-and-4.1.5-Security-Patch > > > > *Credits* > > This vulnerability was discovered by Muhammad Haroon from Innovative > Solutions KSA. OWASP Chapter Lead of Pakistan. haroon [at] live [dot] it > > > > *Proof of Concept Code* > > This is a Cross Site Scripting (XSS) vulnerability within vBulletin > community forum solution. In order to exploit this flaw following vector would > be used. > > > http://www.example.com/forums/admincp/?";><script>alert('Xss_found_By_M.Haroon')</script> > > > > *Report Timeline* > > 30-07-2011: Notifies the vBulletin team about the vulnerability. > 31-07-2011: vBulletin Team ask for technical description about the flaw > 31-07-2011: Technical Details sent to vbulletin team > 02-08-2011: vBulletin notifies that a fix has been produced and is > available to the users on 2nd August 2011 > 03-08-2011: Vulnerability publicly disclosed.
Did you request CVE-ID for this issue? Best regards, Henri Salo _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
