Flashchat 4.7.11 Cross Site Scripting Vulnerability

2007.04.05

Credit: Reinhardt

Risk: Low

Local: No

Remote: Yes

CVE: GENERIC-MAP-NOMATCH

CWE: CWE-79

Flashchat 4.7.11 Cross Site Scripting Vulnerability
Product: Flash Chat =< 4.7.11
Vendor: http://tufat.com/
Description: FlashChat is a highly customizable PHP/MySQL based chat room script that is easily integrated into a website and mimics IRC in it's command structureExploit(s) /
Vulnerability(ies): FlashChat is vulnerable to Cross Site Scripting in info.php when the 'add room' function is enabled, which is a default setting and therefore very common.
PoC(s): Create a new channel with the following in the title: <script>alert(document.cookie);</script>.
Then join the room, click on "Save", and a session id is displayed.
This could obviously be used for cookie stealing and other malicious attacks.Vendor Status: Vendor was not informed before publication.
Solution: The vendor has yet to publish a solution for the exploit.
Credits:Reinhardt a.k.a xShaDoWx
hackintheb0x@hotmail.com[at]hotmail[dot]com
Greetz to Lostcoders.com

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Flashchat 4.7.11 Cross Site Scripting Vulnerability

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.