Title: Ultimate Bulletin Board [IMG] Tag Javascript Embedding Vulnerability
Severity: MODERATE
Description:
Ultimate Bulletin Board is a web-based discussion forum, freely available from Infopop. The software provides a number of enhanced features such as private messages, member ratings, and membership-based access.
A problem in the beta series of the software makes it possible to retrieve sensitive information from users of the bulletin board and send it to a remote location. This is due to insufficient checking of the posts to the bulletin board.
It is possible to embed one line of functional JavaScript between the [img] and [/img] tags. This code would be embedded in a message and executed for each user who replied to the message on the bulletin board. The code could perform a variety of functions, but would most likely be used to retrieve sensitive user information, the browser cookie, the user's IP address, or other information that could lead to attack and exploitation. The code is limited to one line with no spaces.
This vulnerability affects the software even after the configuration parameter to allow HTML posts has been toggled off.
Affected Products:
- Infopop Ultimate Bulletin Board 5.0.0.x Beta