Snitz Forums 2000 Image Tag Cross-Site Scripting Vulnerability

Vulnerability ID: 1106629
Vulnerability type: Cross-site scripting
Published: 2002-02-27
Updated: 2006-08-24
CVE ID: CVE-2002-0329
CNNVD-ID: CNNVD-200206-053
Platform: ASP
CVSS score: 7.5
|Vulnerability source
https://www.exploit-db.com/exploits/21308
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200206-053
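|Vulnerability details
Snitz Forums 2000 3.3.03 and earlier versions contain a cross-site scripting vulnerability. Remote attackers can execute arbitrary script as other Forums 2000 users via JavaScript in an IMG tag.
|Exploit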
source: http://www.securityfocus.com/bid/4192/info

Snitz Forums 2000 is ASP-based web forum software. It runs on Microsoft Windows operating systems.

Snitz Forums 2000 allows users to include images in forum messages using image tags, with the following syntax:

[img]url of image[/img]

It is possible to inject arbitrary script code into forum messages via these image tags. Script code will be executed in the browser of the user viewing the forum message, in the context of the website running the vulnerable software. This may allow an attacker to steal cookie-based authentication credentials. 


[img]javasCript:alert('Hello world.')[/img]
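
A defensive counterpart to the description above, as an added example (not Snitz code and not part of the original advisory): render `[img]` tags only when the URL parses as absolute `http`/`https`, and HTML-escape everything else. It is written in JavaScript rather than the product's ASP, and the function names are hypothetical.

```javascript
// Added example: allowlist-based rendering of [img]...[/img] forum markup.
const ALLOWED_SCHEMES = new Set(['http:', 'https:']);

// Escape text for use as HTML text or inside a double-quoted attribute.
function escapeHtml(s) {
  return s.replace(/[&<>"']/g, (c) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  }[c]));
}

// Return the normalised absolute URL if it may be used as an image
// source, otherwise null.
function safeImageUrl(raw) {
  let url;
  try {
    url = new URL(raw.trim()); // throws on relative or malformed input
  } catch {
    return null;
  }
  // The parser lower-cases the scheme, so "javasCript:" is seen as
  // "javascript:" and fails the allowlist like any other non-http scheme.
  return ALLOWED_SCHEMES.has(url.protocol) ? url.href : null;
}

// Escape the whole post, expanding only [img] tags whose URL passes.
function renderPost(text) {
  const tag = /\[img\]([\s\S]*?)\[\/img\]/gi;
  let out = '';
  let last = 0;
  for (const m of text.matchAll(tag)) {
    out += escapeHtml(text.slice(last, m.index));
    const href = safeImageUrl(m[1]);
    out += href === null
      ? escapeHtml(m[0]) // rejected tag stays visible as inert text
      : `<img src="${escapeHtml(href)}" alt="">`;
    last = m.index + m[0].length;
  }
  return out + escapeHtml(text.slice(last));
}

// The string from this advisory is rendered as plain text, not as a tag.
console.log(renderPost("[img]javasCript:alert('Hello world.')[/img]"));
// A constructed benign post is rendered as an image.
console.log(renderPost('see [img]http://example.com/a.png?x=1&y=2[/img] ok'));
```

The check is an allowlist on the parsed scheme, so it does not depend on enumerating spellings of `javascript:`.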
|References

Source: US-CERT Vulnerability Note: VU#132011
Name: VU#132011
Link: http://www.kb.cert.org/vuls/id/132011
Source: XF
Name: snitz-img-css(8309)
Link: http://www.iss.net/security_center/static/8309.php
Source: BUGTRAQ
Name: 20020227 RE: Open Bulletin Board javascript bug.
Link: http://marc.theaimsgroup.com/?l=bugtraq&m=101485184605149&w=2
Source: forum.snitz.com
Link: http://forum.snitz.com/forum/link.asp?TOPIC_ID=23660
Source: BID
Name: 4192
Link: http://www.securityfocus.com/bid/4192
Source: BUGTRAQ
Name: 20020227 Snitz 2000 Code Patch (was RE: Open Bulletin Board javascript bug.)
Link: http://online.securityfocus.com/archive/1/258981