Title: TD Forum Cross-Agent Scripting Vulnerability
Severity: HIGH
Description:
TD Forum is commercial web forum software for unix platforms.
TD Forum does not properly sanitize user-supplied input. Any HTML tags submitted in forum messages will not be filtered by TD Forum. An user with malicious intent can submit scripting code (in the form of <SCRIPT>, <EMBED>, etc.) into a forum message which will be executed by the browser of the user viewing the message.
Various attacks may occur as a result of this issue: cookie-based authentication credentials may be stolen, a fake form may be created that causes the victim to disclose information to the attacker, etc. The attack will appear to originate from the site hosting TD Forum.
It has been reported that this vulnerability can be exploited so that the administrator of TD Forum is incapable of deleting the offending message.
This is accomplished by entering a '</FORM>' tag in the message body. The inclusion of this tag in the administrative interface via the message will prevent the form from functioning correctly. The administrator will not be able to delete or modify the malicious message without editing the data files directly.
Affected Products:
- TDavid TD Forum 1.2.0
References:
- tdscripts.com: TD Forum Product Page
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
