JForum 2.1.9 returnPath Open redirect

2013.09.23
Credit: ZeroDayLab
Risk: Low
Local: No
Remote: Yes
CWE: CWE-601


CVSS Base Score: 5.8/10
Impact Subscore: 4.9/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: Not required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: None

ZeroDayLab Advisory - CVE-2012-5338
Author: ZeroDayLab Advisories
Software Version: JForum version 2.1.9
Platform: Apache Tomcat 7.0.30
Title: URL redirection abuse vulnerability found in JForum version 2.1.9 (latest stable version)
Criticality: Medium

Description:
JForum, a popular open source Java forum (http://www.jforum.net), suffers from a URL redirection abuse vulnerability which allows an attacker to redirect an unsuspecting victim to an alternate website. The criticality of this finding depends on the attacker being able to create a forum account, which in most cases, given the nature of the product, is easily achieved. This is despite the product features page stating the following:

Permissions & Security
. Robust security system
. Advanced HTML filter, for increased security

Proof of concept:
The following web request against a JForum installation would redirect an unsuspecting user to the site www.zerodaylab.com, which in turn could be made to mimic the original site and either deliver malware to the user or fool the user into providing their credentials:

http://127.0.0.1/jforum/jforum.page?module=user&action=validateLogin&returnPath=http://www.zerodaylab.com&username=user&password=pass&redirect=&login=Login

Tags: URL redirection abuse, Poor Filtering
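The weakness in the proof of concept above is that the login handler honours returnPath verbatim. The following is an added example, not JForum's own code or ZeroDayLab's: it models a validateLogin-style handler in its vulnerable form (redirect to whatever returnPath says, as the advisory describes for 2.1.9) beside a hardened form that only follows a relative path inside the forum's own context path. The context path /jforum/, the function names and the DEFAULT_LANDING constant are assumptions for the illustration, and the probe strings are constructed test inputs, not additional findings from the advisory.

```python
"""Open-redirect check for a returnPath-style login parameter.

Added example (not JForum code). Models the behaviour the advisory describes
and a hardened replacement. Names below are assumptions for illustration.
"""
from urllib.parse import urlsplit, parse_qs, urlunsplit

FORUM_ROOT = "/jforum/"       # assumed context path of the installation
DEFAULT_LANDING = FORUM_ROOT  # where a rejected returnPath sends the user


def vulnerable_redirect_target(return_path: str) -> str:
    """Behaviour described in the advisory: trust returnPath verbatim."""
    return return_path or DEFAULT_LANDING


def is_safe_return_path(return_path: str) -> bool:
    """Accept only an absolute-path reference inside the forum's context path.

    Rejects the patterns that commonly slip past naive "starts with /" checks:
      * absolute URLs with any scheme (http://evil.example, javascript:...)
      * scheme-relative URLs (//evil.example)
      * backslash variants that browsers normalise to a host (/\\evil.example)
      * control characters or whitespace (header splitting, hidden schemes)
      * path traversal out of the context path (/jforum/../admin/)
    The comparison should run on the path as the container will see it; this
    model does not percent-decode, so decode first if your framework does not.
    """
    if not return_path:
        return False
    if any(ord(c) < 0x20 or c.isspace() for c in return_path):
        return False
    # Browsers treat "/\evil" like "//evil", so normalise before parsing.
    candidate = return_path.replace("\\", "/")
    parts = urlsplit(candidate)
    if parts.scheme or parts.netloc:
        return False  # anything carrying a scheme or host leaves the site
    if not candidate.startswith("/") or candidate.startswith("//"):
        return False  # must be an absolute-path reference on this host
    path = parts.path
    if "/../" in path + "/" or not path.startswith(FORUM_ROOT):
        return False  # stay inside the forum, no traversal out of it
    return True


def hardened_redirect_target(return_path: str) -> str:
    """Use returnPath only when it passes the allow-list check above."""
    if is_safe_return_path(return_path):
        parts = urlsplit(return_path.replace("\\", "/"))
        # Rebuild from path and query only; fragments never reach the server anyway.
        return urlunsplit(("", "", parts.path, parts.query, ""))
    return DEFAULT_LANDING


def resolve_login_redirect(request_url: str, hardened: bool) -> str:
    """Pull returnPath out of a validateLogin request and compute the redirect."""
    query = parse_qs(urlsplit(request_url).query)
    return_path = query.get("returnPath", [""])[0]
    if hardened:
        return hardened_redirect_target(return_path)
    return vulnerable_redirect_target(return_path)


# The advisory's proof-of-concept request (host and credentials are its placeholders).
POC_URL = ("http://127.0.0.1/jforum/jforum.page?module=user&action=validateLogin"
           "&returnPath=http://www.zerodaylab.com&username=user&password=pass"
           "&redirect=&login=Login")

# Constructed probe inputs a tester would throw at the hardened check.
PROBES = ("//evil.example/", "/\\evil.example/", "javascript:alert(1)",
          "/jforum/../admin/", "/jforum/forums/list.page?start=0")

if __name__ == "__main__":
    print("vulnerable:", resolve_login_redirect(POC_URL, hardened=False))
    print("hardened  :", resolve_login_redirect(POC_URL, hardened=True))
    for probe in PROBES:
        print(f"{probe!r:40} -> {hardened_redirect_target(probe)}")
```

Run as-is, the vulnerable path follows the PoC to www.zerodaylab.com while the hardened path lands on /jforum/; only the last probe, a relative forum URL, survives the allow-list. An allow-list of same-site paths is preferable to a deny-list of known-bad prefixes, because each new browser normalisation quirk (backslashes, stripped tabs, scheme-less "http:host" forms) otherwise needs its own rule.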

References:

http://www.zerodaylab.com/zdl-advisories/2012-5338.html


Copyright 2024, cxsecurity.com