Bugtraq mailing list archives
CSS in ikonboard 3.0.1,3.0.2,3.0.3
From: Max Speed <maxspeed017 () hotmail com>
Date: 20 Mar 2002 05:14:27 -0000
Author: Maxspeed
Vendor status: they have been informed

Vulnerable versions:
ikonboard 3.0.1
ikonboard 3.0.2
ikonboard 3.0.3 (the version they use on their site)

Severity: Malicious users can steal session cookies, allowing administrative access to the admin panel.

Problem: OK, the problem is in the way the [img] tags check for the "http://". The [img] tag checks for the "http://" when you are posting a new topic, but it doesn't check for it while you're editing one. So it will allow you to insert malicious code while you're editing a post.

Proof of concept: Make a new post, then "EDIT" the post and in the body of the post insert this code:
[IMG]javascript:alert(document.cookie)[/IMG]
An alert box should pop up displaying your cookies!

Fix: make [IMG] tags check for "http://" when editing a post.

Maxspeed017 () yahoo com
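The fix suggested in the advisory, sketched as an added example (not ikonboard's code and not part of the original post): new and edited posts pass through one shared [IMG] check, and the renderer re-checks the URL and escapes everything it emits. The Board class, function names and the example.com URL are hypothetical, and accepting https:// as well as http:// is an assumption.

```python
import html
import re
from urllib.parse import urlsplit

IMG_TAG = re.compile(r"\[img\](.*?)\[/img\]", re.IGNORECASE | re.DOTALL)
ALLOWED_SCHEMES = {"http", "https"}  # assumption: https accepted alongside http

def is_safe_image_url(url):
    """Accept only absolute http(s) URLs with a host and no whitespace/control chars."""
    if any(ch.isspace() or ord(ch) < 0x20 for ch in url):
        return False
    try:
        parts = urlsplit(url)
    except ValueError:
        return False
    return parts.scheme.lower() in ALLOWED_SCHEMES and bool(parts.netloc)

def render_body(body):
    """Render a stored body to HTML; the URL is checked again at output time."""
    out, pos = [], 0
    for m in IMG_TAG.finditer(body):
        out.append(html.escape(body[pos:m.start()]))
        url = m.group(1).strip()
        if is_safe_image_url(url):
            out.append('<img src="%s" alt="">' % html.escape(url, quote=True))
        else:
            out.append(html.escape(m.group(0)))  # rejected tag stays inert text
        pos = m.end()
    out.append(html.escape(body[pos:]))
    return "".join(out)

class Board:
    """Hypothetical post store: every write path shares one validator."""
    def __init__(self):
        self.posts = {}

    def _store(self, post_id, body):
        for m in IMG_TAG.finditer(body):
            if not is_safe_image_url(m.group(1).strip()):
                raise ValueError("[IMG] must contain an http:// or https:// URL")
        self.posts[post_id] = body

    def new_post(self, post_id, body):
        self._store(post_id, body)

    def edit_post(self, post_id, body):
        if post_id not in self.posts:
            raise KeyError(post_id)
        self._store(post_id, body)  # same check as new_post, so edits cannot skip it
```

Checking again in render_body covers bodies that were stored before the edit path was fixed.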