Re: [myimei]MyBB 1.0.2 XSS attack in search.php

["Steven M. Christey" <coley () mitre org>]

The advisory says:

> Status: patched in 1.0.3
...
> ?????Solution???????
> No Patch available.
> (bug reported to vendor today)

I'm confused.  One part of this advisory says there's a patch
available, one part says there isn't.  (By the way, this is an example
of the "inconsistent" property of security advisories, in which most
advisories are either incomplete, inaccurate, inconsistent, or
incomprehensible, i.e. the Four I's principle)

It does not appear to be fixed, or at least the MyBB community forums
do not say anything.

For those keeping track at home, this is a different attack vector
than the sortby/sortorder (sorder) vectors identified by
CVE-2006-0470, which also happened to affect search.php in MyBB 1.0.2,
and appear to have been fixed by the vendor along with some other
issues if you review the manual patch [1].

- Steve

[1] http://community.mybboard.net/showthread.php?tid=6418