CVE-2023-39777: [POC] [CVE-2023-39777]

A cross-site scripting (XSS) vulnerability in the Admin Control Panel of vBulletin 5.7.5 and 6.0.0 allows attackers to execute arbitrary web scripts or HTML via the /login.php?do=login url parameter.

[Summary]

I have discovered a Cross-Site Scripting (XSS) vulnerability in the latest version of vBulletin, 6.0.0, which also impacts lower versions. The vulnerability allows an attacker to inject malicious scripts into the Admin Control Panel, potentially leading to unauthorized access, data theft, or further exploitation.

[Description]

The XSS vulnerability can be triggered when an authenticated user accesses the path `/admincp` and tries to log in to the Admin Control Panel. The vulnerability is due to inadequate input sanitization, which allows an attacker to inject malicious scripts that execute in the context of the targeted administrator’s session in order to hijack the admin’s credentials.

[Steps to Reproduce]

1. Log in to /admincp in the vBulletin Admin Control Panel.

2. Through the ‘url’ parameter, it is possible to inject JS code to escape, bypass whitespace, then trigger XSS.

[Malicious Payload]

Save the changes or perform a relevant action to trigger the execution of the injected script.

The malicious script executes, proving the existence of the XSS vulnerability.

[Affected Versions]

The vulnerability has been confirmed in the latest version of vBulletin 6 Connect, 6.0.0. However, it is likely that the XSS issue also affects lower versions of the software.

[Impact]

An attacker exploiting this vulnerability could gain unauthorized access to the Admin Control Panel and potentially compromise the site’s sensitive data, modify site content, and carry out other malicious actions using the administrator’s privileges.

[Recommendation]

[*] I recommend the following steps to mitigate the XSS vulnerability:

1. Update the vBulletin software to the latest version (if available) to ensure the fix for this vulnerability is applied.

2. Implement proper input validation and output encoding to prevent XSS attacks in various sections of the Admin Control Panel.

3. Conduct a comprehensive security review to identify and address other potential security flaws in the software.
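
An added example of recommendation 2 (not from the advisory and not vBulletin's code), assuming the `url` value is a post-login return path that is echoed back into the login page. The helper names `safe_return_path`, `html_attr` and `js_literal` are hypothetical.

```php
<?php
declare(strict_types=1);

// Hypothetical helper, not vBulletin code. Assumes `url` is a post-login
// return path: accept it only as a same-site relative path.
function safe_return_path(?string $url, string $fallback = '/admincp/'): string
{
    if ($url === null || $url === '' || strlen($url) > 2048) {
        return $fallback;
    }
    // Reject control characters and all whitespace: browsers drop tabs and
    // newlines inside URLs, so "java<TAB>script:" can pass a naive scheme check.
    if (preg_match('/[\x00-\x20\x7f]/', $url)) {
        return $fallback;
    }
    // Exactly one leading "/", which rules out "//host" and "/\host".
    if (!preg_match('#^/(?![/\\\\])#', $url)) {
        return $fallback;
    }
    // Allow-list the remaining characters rather than block-listing bad ones.
    if (!preg_match('#^[A-Za-z0-9/_\-.?&=%~+]*$#', $url)) {
        return $fallback;
    }
    return $url;
}

// Output encoding for an HTML attribute or text node.
function html_attr(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Output encoding for a string literal inside an inline <script> block.
function js_literal(string $value): string
{
    return json_encode($value, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS
        | JSON_HEX_QUOT | JSON_THROW_ON_ERROR);
}

// Constructed sample inputs (not taken from the advisory).
$samples = ['/admincp/index.php?do=home', '//other.example/x',
    "java\tscript:void(0)", '/admincp/"><b>'];
foreach ($samples as $raw) {
    $path = safe_return_path($raw);
    printf("%s\n  <input type=\"hidden\" name=\"url\" value=\"%s\">\n  var returnTo = %s;\n",
        json_encode($raw), html_attr($path), js_literal($path));
}
```

Only the first sample survives validation; the other three fall back to `/admincp/`. The encoders are applied even to validated values because the correct escaping depends on the output context, not on the input check.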

# Shout out to [TP Cyber Security]
