
Bug 346499

Summary: <www-apps/phpBB-3.0.8: Persistent XSS Vulnerability
Product: Gentoo Security Reporter: Tim Sammut (RETIRED) <underling>
Component: Vulnerabilities Assignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: trivial CC: web-apps
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://www.phpbb.com/support/documents.php?mode=changelog&version=3#v307-PL1
Whiteboard: ~4 [noglsa]
Package list:
Runtime testing required: ---

Description Tim Sammut (RETIRED) gentoo-dev 2010-11-23 05:18:54 UTC
From the Secunia advisory at http://secunia.com/advisories/42343/:

DESCRIPTION:
A vulnerability has been reported in phpBB, which can be exploited by
malicious users to conduct script insertion attacks.

Input passed via the "[flash=]" BBCode parameter when creating a post
is not properly sanitised before being used in
includes/message_parser.php. This can be exploited to insert
arbitrary HTML and script code, which will be executed in a user's
browser session in context of an affected site when the malicious
data is being viewed.

The vulnerability is reported in versions prior to 3.0.8.
Comment 1 Tim Harder gentoo-dev 2011-02-07 23:37:38 UTC
3.0.8 is now in CVS.
Comment 2 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2011-02-08 07:39:51 UTC
(In reply to comment #1)
> 3.0.8 is now in CVS.

Thank you. Could you also remove previous, vulnerable versions from the tree?
Comment 3 Tim Harder gentoo-dev 2011-02-10 00:51:21 UTC
(In reply to comment #2) 
> Thank you. Could you also remove previous, vulnerable versions from the tree?

Sorry, I forgot to do that. Done now. :)

Comment 4 Tim Sammut (RETIRED) gentoo-dev 2011-02-10 06:46:39 UTC
Thanks folks. Closing noglsa.