Re: XSS vulnerability in phpBB (an other ;-)

To: keupon_ps2@xxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: XSS vulnerability in phpBB (an other ;-)
From: Victor Sheldeshov <mrlomax@xxxxxxx>
Date: Tue, 9 Sep 2003 10:09:57 +0400
In-reply-to: <20030908214359.3108.qmail@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <20030908214359.3108.qmail@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Reply-to: Victor Sheldeshov <mrlomax@xxxxxxx>

Hello keupon,

Tuesday, September 9, 2003, 1:43:59 AM, you wrote:

kyf> Hello, i've just found a new xss vulnerability in phpBB 2.0.6 (i'm not
kyf> sure but i don't think that others versions are vulnerable).
kyf> This vulnerability is located in the [url][/url] bbcode.
kyf> You can insert javascript by doing a thing like that:
kyf> [url=www.google.fr" onclick=alert('Hello')]text[/url]

 Think, my phpBB 2.0.5 is not vulnerable.
 I posted "[url=www.google.fr" onclick=alert('Hello')]text[/url]" into
 the body of the post. No URL link appeared, but I saw the whole
 string "[url=www.google.fr" onclick=alert('Hello')]text[/url]" in my
 post.

 Was I wrong? Where do we need to place that string?
 
-- 
Best regards, Victor mailto:mrlomax@xxxxxxx
Topic: Когда правитель говорит об заботе о благе народа, он хочет заручиться 
его доверием для очередного обмана.

References:
- XSS vulnerability in phpBB (an other ;-)
  - From: keupon_ps2

Prev by Date: Re: Microsoft security update broken?
Next by Date: Re: XSS vulnerability in phpBB (an other ;-)
Previous by thread: XSS vulnerability in phpBB (an other ;-)
Next by thread: Re: XSS vulnerability in phpBB (an other ;-)
Index(es):
- Date
- Thread