vBulletin v3.6.5 admincp/index.php ( rss feed ) xss vuln.

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: vBulletin v3.6.5 admincp/index.php ( rss feed ) xss vuln.
From: meto5757@xxxxxxxxxxx
Date: 2 Mar 2007 05:06:01 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

vBulletin® v3.6.5 has an xss vuln in admincp/index.php in rss feed .

exactlly in add rss url

by adding :  "><script>alert(document.cookie);</script>

a cool messege box appear with cookies ;)


earlier versions affected also .
-----------------------------------------------------------------------------
Discovered by meto5757


-----------------------------------------------------------------------------

Prev by Date: [ GLSA 200703-03 ] ClamAV: Denial of Service
Next by Date: ZDI-07-008: Apache Tomcat JK Web Server Connector Long URL Stack Overflow Vulnerability
Previous by thread: [ GLSA 200703-03 ] ClamAV: Denial of Service
Next by thread: ZDI-07-008: Apache Tomcat JK Web Server Connector Long URL Stack Overflow Vulnerability
Index(es):
- Date
- Thread