Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 387275 - <app-shells/posh-3.1.2 Cross-Site Scripting and File Inclusion
Summary: <app-shells/posh-3.1.2 Cross-Site Scripting and File Inclusion
Status: RESOLVED INVALID
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor
Assignee: Gentoo Security
URL: http://www.exploit-db.com/exploits/17...
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-10-16 06:52 UTC by Michael Harrison
Modified: 2011-10-16 13:23 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Michael Harrison 2011-10-16 06:52:08 UTC 
1) Input passed to the "lang" parameter in portal/scr_changelang.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

2) Input passed to the "message" parameter in portal/login.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
Comment 1 Agostino Sarubbo gentoo-dev 2011-10-16 13:23:52 UTC 
Michael,

before opening you should do a bit search, this xss is reported in a web-app application[1]. app-shell/posh is a different application.

[1]: http://sourceforge.net/projects/posh/