Release date:
Updated on:
Affected Systems:
MyBB Social Sites 0.2.2
Description:
--------------------------------------------------------------------------------
Bugtraq id: 56949
MyBB Social Sites is a plug-in that adds social website links to user profiles.
The MyBB Social Sites plug-in does not validate input to the usercp.php script. Remote attackers can inject malicious scripts into the web page through multiple 'profile url' fields. When a user browses these pages, arbitrary script code executes in the user's browser, allowing theft of cookie-based authentication credentials.
<* Source: s3m00t
Link: http://packetstormsecurity.org/files/118843/MyBB-Social-Sites-0.2.2-Cross-Site-Scripting.html
http://osvdb.org/show/osvdb/88458
http://xforce.iss.net/xforce/xfdb/80672
*>
Test method:
--------------------------------------------------------------------------------
Alert
The following procedures (methods) may be offensive and are intended only for security research and teaching. Users are at your own risk!
1. Browse "usercp.php?action=socialsites"; you will see many fields, as shown in http://i.imgur.com/0tz98.png.
2. Submit the following input to any field:
"/><script>alert(1)</script>
3. The input is stored and displayed, as shown in http://i.imgur.com/Z8bYM.png.
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
MyBB
----
Currently, the vendor does not provide a patch or upgrade. We recommend that users of this software monitor the vendor's homepage to obtain the latest version:
http://mods.mybb.com/view/social-sites
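Until a vendor fix is available, the defect described above (stored input reaching the page unescaped) is what any local hardening has to address. The following is an added example, not code from MyBB or from the Social Sites plug-in, showing the two checks a profile URL field needs: validation when the value is stored and HTML escaping when it is rendered. The function names and the sample values are assumptions made for illustration; the second sample is the payload quoted in the advisory.

```php
<?php
// Added example (not MyBB or Social Sites plug-in code). Function names and
// sample values are illustrative assumptions.

/**
 * Validate one 'profile url' value before it is stored.
 * Returns the trimmed URL, or null if the value must be rejected.
 */
function validate_profile_url(string $input): ?string
{
    $url = trim($input);
    if ($url === '') {
        return null;
    }
    // Reject anything that is not a syntactically valid absolute URL.
    if (filter_var($url, FILTER_VALIDATE_URL) === false) {
        return null;
    }
    // Allow only http/https; this also blocks javascript: and data: URLs.
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    if (!in_array($scheme, ['http', 'https'], true)) {
        return null;
    }
    // Defence in depth: never store raw quotes or angle brackets.
    if (preg_match('/["\'<>]/', $url)) {
        return null;
    }
    return $url;
}

/**
 * Render a stored profile URL inside an href attribute. Escaping on output
 * is what stops the browser from interpreting injected markup, even if a
 * bad value somehow reached the database.
 */
function render_profile_link(string $label, string $url): string
{
    $safe_url   = htmlspecialchars($url, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    $safe_label = htmlspecialchars($label, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<a href="' . $safe_url . '" rel="nofollow noopener">' . $safe_label . '</a>';
}

// Constructed sample inputs: a normal profile link, the payload from the
// advisory, and a non-http scheme.
$samples = [
    'https://example.com/user/alice',
    '"/><script>alert(1)</script>',
    'javascript:alert(1)',
];

foreach ($samples as $value) {
    $clean = validate_profile_url($value);
    echo $clean === null
        ? "rejected: $value\n"
        : "stored:   " . render_profile_link('Profile', $clean) . "\n";
}

// Output escaping alone neutralises the advisory's payload: the quote and
// angle brackets are emitted as entities, so no attribute or tag is closed.
echo render_profile_link('Profile', '"/><script>alert(1)</script>'), "\n";
```

Both layers matter: input validation keeps junk out of the database, while output escaping is the control that actually prevents script execution and protects values that were stored before the validation existed.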