Severity
--------
Malicious users can steal other users' and admins' cookies, allowing them to impersonate other users on the board and access the administration panel.

Problem
-------
The problem is very similar to SQL injection. phpBB2 uses a user provided string (through the [IMG] tag) in the following HTML tag:

While there is a check to force the string to begin with "http://" it doesn't disallow ". That means a malicious user can escape the src="" in the HTML tag and insert his own HTML code. This same problem also exists in the remote avatar part of the user profile.

Example
-------
Enter the following anywhere in a message:

When reading that message it should pop up an alert box with your cookies.

Solutions
---------
* Upgrade to 2.0.1

-- XiM (#icerealm on irc.icerealm.net)
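The quote breakout described in the post, shown next to a hardened renderer, as an added example that is not phpBB's code and not part of the original post. The function names and the `<img src="...">` output shape are assumptions, and the sample inputs are constructed (the second one injects only a harmless title attribute).

```php
<?php
// Added illustration; not phpBB source. Function names are hypothetical.

// Weak form, as the post describes it: only the "http://" prefix is checked,
// so a double quote inside the URL closes the src="" attribute early.
function render_img_weak(string $url): string
{
    if (strpos($url, 'http://') !== 0) {
        return '[img]' . $url . '[/img]';
    }
    return '<img src="' . $url . '">';
}

// Hardened form: allow-list the URL's shape, then encode for the attribute
// context. Anything rejected is shown as escaped literal text, never as markup.
function render_img_safe(string $url): string
{
    $literal = htmlspecialchars('[img]' . $url . '[/img]', ENT_QUOTES, 'UTF-8');
    // http(s) only; no whitespace, quotes, angle brackets or control bytes.
    // \z (not $) so a trailing newline cannot slip past the anchor.
    if (!preg_match('#^https?://[^\s"\'<>\x00-\x1f]+\z#i', $url)) {
        return $literal;
    }
    return '<img src="' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '">';
}

// Constructed sample inputs.
$samples = [
    'http://example.invalid/cat.png',                   // ordinary image URL
    'http://example.invalid/cat.png" title="injected',  // quote ends src="" early
    'ftp://example.invalid/cat.png',                    // wrong scheme
];

foreach ($samples as $s) {
    echo "input: $s\n";
    echo "  weak: " . render_img_weak($s) . "\n";
    echo "  safe: " . render_img_safe($s) . "\n\n";
}
```

For the second input the weak renderer emits an `<img>` element carrying an attribute the poster chose, while the hardened one prints the BBCode back as inert text. The same check belongs on the remote avatar URL, which the post says is affected in the same way.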