J-Security Center

Title: PHPBB Image Tag User-Embedded Scripting Vulnerability

Severity: MODERATE

Description:

phpBB is free, open-source web forum software written in PHP and backed by a MySQL database. It runs on most Unix and Linux variants as well as Microsoft Windows.

phpBB allows forum users to post images in messages: the user includes a link to the image inside [img] tags. However, phpBB does not adequately filter script code from image tags, so an attacker can post a maliciously constructed forum message containing arbitrary script code. When legitimate users view the message, the script executes in their web browser in the context of the website running the vulnerable software.

This issue may be exploited by an attacker to steal cookie-based authentication credentials from legitimate users of the forum software.

It should be noted that an attempt was made to address this issue in version 1.4.4. However, that fix only filtered script code from image tags when a new post was created; editing an existing post does not pass through the filter, so an attacker may still go back and edit a post to include malicious image tags containing script code.
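As an added illustration (not phpBB's own code), the following Python sketch shows the defensive pattern this advisory points to: validate and escape [img] URLs in the single output path, so the same check applies whether a message was created or later edited. The function names, the PostStore class and the sample inputs are constructed for this example.

```python
import html
import re
from urllib.parse import urlsplit

# BBCode image tag as described in the advisory: [img]URL[/img]
IMG_TAG = re.compile(r"\[img\](.*?)\[/img\]", re.IGNORECASE | re.DOTALL)
ALLOWED_SCHEMES = {"http", "https"}


def safe_image_url(raw):
    """Return the URL if it is a plain http(s) link usable as an img src, else None."""
    url = raw.strip()
    # Quotes and angle brackets could break out of the src attribute; control
    # characters (tab, newline) are used to disguise the scheme. Reject all of them.
    if any(c in '"\'<>' or ord(c) < 0x20 for c in url):
        return None
    parts = urlsplit(url)
    # Allow-list the scheme: this rejects javascript:, data:, vbscript: and the like.
    if parts.scheme.lower() not in ALLOWED_SCHEMES or not parts.netloc:
        return None
    return url


def render_post(body):
    """Convert stored post text to HTML. Everything is escaped except validated [img] tags."""
    out = []
    pos = 0
    for m in IMG_TAG.finditer(body):
        out.append(html.escape(body[pos:m.start()]))
        url = safe_image_url(m.group(1))
        if url is None:
            # Not a usable image link: show the tag literally instead of rendering it.
            out.append(html.escape(m.group(0)))
        else:
            out.append('<img src="%s" alt="">' % html.escape(url, quote=True))
        pos = m.end()
    out.append(html.escape(body[pos:]))
    return "".join(out)


class PostStore:
    """Stores raw text; create() and edit() share one render path, so an edit cannot bypass the check."""
    def __init__(self):
        self.posts = {}
    def create(self, post_id, body):
        self.posts[post_id] = body
    def edit(self, post_id, body):
        self.posts[post_id] = body  # no separate (weaker) filter on the edit path
    def view(self, post_id):
        return render_post(self.posts[post_id])
```

Filtering at input time, as the 1.4.4 change did, leaves every other write path (edit, import, admin tools) as a potential bypass; validating at render time closes them all at once.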

phpBB2 releases are reportedly not affected by this issue.

Affected Products:

  • phpBB Group phpBB 1.0.0 .0
  • phpBB Group phpBB 1.2.0 .0
  • phpBB Group phpBB 1.2.1
  • phpBB Group phpBB 1.4.0 .0
  • phpBB Group phpBB 1.4.1
  • phpBB Group phpBB 1.4.2
  • phpBB Group phpBB 1.4.4
