Stored XSS issue and REQUEST_URI XSS
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Eventum |
Fix Released
|
High
|
Bryan Alsdorf |
Bug Description
Affected version: 2.2 and 2.3
Date discovered: 19.01.2011
Eventum suffers from a cross-site scripting vulnerability. The persistent XSS issue is triggered when input passed via the 'keywords' parameter to the list.php script is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML
and script code in a user's browser session in context of an affected site. Or, you can trigger the issue when parsing the string <script>
Tested on: (xampp)
- Microsoft Windows XP Professional SP3 (EN)
- Apache 2.2.14 (Win32)
- PHP 5.3.1
- MySQL 5.1.41
http://
http://
http://
http://
Waiting for confirmation and fix release for advisory release at http://
Thanks,
Gjoko
Related branches
Changed in eventum: | |
importance: | Undecided → High |
assignee: | nobody → Bryan Alsdorf (balsdorf) |
A fix has been committed and we are discussing if we can do a complete release right now, or just release a patch. I will keep you informed, feel free to ping me on IRC to discuss.