vendor: User Social Networks MyBB Plugin
by: Fikri Fadzil
CVSS: 4.3 (MEDIUM)
Cross Site Scripting
CWE: 79
Product Name: User Social Networks MyBB Plugin
Affected Version From: 1.2
Affected Version To: 1.2
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: PHP
2014
User Social Networks MyBB Plugin 1.2 – Cross Site Scripting
This plugin allows you to add social networks, or related sites, to user profiles. The information is shown in the user's profile and is visible to anyone who views the profile.

Proof of Concept:
1. Log in to your account.
2. Go to the 'Edit Profile' page at '/usercp.php?action=profile'.
3. Update your Social Network ID with '><script>alert(document.cookie)</script><'
4. The result can be seen in multiple places, including your profile page.

The script is executed whenever anyone views your profile. The result can also be seen in threads you are involved in IF the administrator has configured this plugin to allow users' social site information to be published in every post.
Mitigation:
Replace the content of 'inc/plugins/usersocial.php' with the fix provided.
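The class of fix this kind of stored XSS calls for, as an added example that is not the plugin's code or the vendor's patch: validate the Social Network ID when the profile is saved and encode it for the HTML context when it is rendered. The function names, the allowlist pattern and the base URL are hypothetical.

```php
<?php
// Added example: hypothetical helpers, not code taken from usersocial.php.

// Input validation on save. Assumed policy: letters, digits, dot,
// underscore and hyphen, 1 to 64 characters.
function usn_validate_id(string $raw): ?string
{
    $id = trim($raw);
    return preg_match('/\A[A-Za-z0-9._-]{1,64}\z/', $id) === 1 ? $id : null;
}

// Unsafe pattern: the stored value is concatenated into markup as-is,
// so quote and angle-bracket characters end the attribute and the tag.
function usn_render_unsafe(string $base, string $id): string
{
    return "<a href='" . $base . $id . "'>" . $id . "</a>";
}

// Hardened pattern: URL-encode the path component, then HTML-encode both
// the attribute value and the link text, quotes included.
function usn_render_safe(string $base, string $id): string
{
    $flags = ENT_QUOTES | ENT_SUBSTITUTE;
    $href = htmlspecialchars($base . rawurlencode($id), $flags, 'UTF-8');
    $text = htmlspecialchars($id, $flags, 'UTF-8');
    return '<a href="' . $href . '" rel="nofollow noopener">' . $text . '</a>';
}

// Constructed sample inputs: an ordinary ID and the string from step 3 above.
$samples = ['example.user', "'><script>alert(document.cookie)</script><'"];
$base = 'https://social.example/'; // placeholder base URL

foreach ($samples as $raw) {
    echo 'input:    ', $raw, PHP_EOL;
    echo 'on save:  ', usn_validate_id($raw) === null ? 'rejected' : 'accepted', PHP_EOL;
    echo 'unsafe:   ', usn_render_unsafe($base, $raw), PHP_EOL;
    echo 'hardened: ', usn_render_safe($base, $raw), PHP_EOL, PHP_EOL;
}
```

Output encoding is the control that matters for values already stored in the database; the save-time allowlist only stops new bad values from being written.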