Title: OpenBB BBCode Cross Agent HTML Injection Vulnerability
Severity: HIGH
Description:
OpenBB is web forum software written in PHP. It will run on most Linux and Unix variants, in addition to Microsoft Windows operating systems.
This vulnerability is similar to the issue discussed in BugTraq ID 4171. The vulnerability discussed in BugTraq ID 4171 was fixed in OpenBB 1.0.0 RC3, however this issue bypasses the fix provided in 1.0.0 RC3.
OpenBB version 1.0.0 RC3 is reportedly vulnerable to HTML injection attacks. The vulnerability occurs in the file lib/codeparse.php which replaces HTML code with BBCodes.
OpenBB uses 'BBCodes' in the place of HTML code to include images, links etc. This is meant for HTML functionality without being suceptible to malicious users. However, HTML tags are not adequately replaced with BBCodes. It is possible to inject arbitrary HTML code into forum messages. As a result, OpenBB is prone to cross-agent scripting attacks. Script code will be executed in the browser of the user viewing the forum message and may allow an attacker to steal cookie-based authentication credentials.
Affected Products:
- OpenBB OpenBB 1.0.0.0 RC3
References:
- Prolixmedia: Prolixmedia Web Site
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
