Possible Cross Site Scripting in Discuz! Board

serverplan · #1 (**permalink**) 07-02-2004, 10.43.07

Advisory Name:Possible Cross Site Scripting in Discuz! Board
Release Date: Feb 5,2004
Application: Discuz! Board
Version Affected: 2.x , 3.x
Platform: PHP
Severity: Low
Discover: Cheng Peng Su(apple_soup_at_msn.com)
Vendor URL: http://www.discuz.com/
################################################
Proof Of Concept:
A thread including:

will be

screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.alt='Click here to open new window';}" onmouseover="if(this.resized) this.style.cursor='hand';" onclick="if(this.resized) window.open('http://site/pic.gif');(xss code);a=escape('a');">

So there will be a red 'x' instead of a normal pic,if visitor click the red 'x',the code will be executed.
I think you know why i add " ;a=escape('a " after the xss code.

Exploit:

Strumenti discussione
Visualizza versione stampabile Invia questa pagina via e-mail
Modalità visualizzazione
Modalità lineare Modalità ibrida Modalità elencata

Discussioni simili
Discussione	Autore discussione	Forum	Risposte	Ultimo messaggio
phyton e ssh per google site maps generator	mjfan80	CGI - PERL - SCRIPT	1	31-01-2006 16.16.39
phpBB profile.php Cross Site Scripting Vulnerability	serverplan	Vulnerabilità	0	22-03-2004 21.10.41
New phpBB ViewTopic.php Cross Site Scripting	serverplan	Vulnerabilità	0	29-02-2004 01.44.34
Invision Board Forum	giosil	PHP	1	12-11-2003 23.36.19
invision board	domenicoruggiero	PHP	2	12-11-2003 21.16.19