ZeroDayLab Advisory - CVE-2012-5337

Author:

ZeroDayLab Advisories

Software Version:

JForum version 2.1.9

Platform:

Apache Tomcat 7.0.30

Title:

Reflected XSS vulnerabilities found in JForum version 2.1.9 (latest stable version)

Criticality:

High

Description:

JForum, a popular open-source Java forum (http://www.jforum.net), suffers from several reflected cross-site scripting issues because inputs to the 'jforum.page' page are not filtered.
The action, match_type, sort_by and start parameters of 'jforum.page' are all vulnerable.
This is despite the product features page stating the following:

Permissions & Security
- Robust security system
- Advanced HTML filter, for increased security

Proof of concept:

The following GET request results in the supplied JavaScript executing:

GET /jforum/jforum.page?module=posts&start=0&forum_id=1&quick=1&disable_html=1&action=insertSave4a9d0%22%3e%3cscript%3ealert%281%29%3c%2fscript%3e5d668e3a93160a27e&topic_id=2 HTTP/1.1

No login is required for the attack shown above.
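
Added example (not part of the original advisory or of JForum's code): a log check that flags requests to 'jforum.page' where any of the four parameters named above decodes to a value outside a strict allowlist. The allowlist patterns, the access-log format and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Parameters the advisory lists as vulnerable. The allowlist patterns are
# assumptions for illustration, not JForum's documented value sets.
ALLOWED = {
    "action": re.compile(r"[A-Za-z0-9_]{1,64}"),
    "match_type": re.compile(r"[A-Za-z0-9_]{1,32}"),
    "sort_by": re.compile(r"[A-Za-z0-9_.]{1,32}"),
    "start": re.compile(r"[0-9]{1,9}"),
}

# Request line as it appears in a common/combined format access log.
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')


def suspicious_params(log_line):
    """Return (name, decoded value) pairs that fail the allowlist."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return []
    url = urlsplit(match.group(1))
    if not url.path.endswith("/jforum.page"):
        return []
    hits = []
    # parse_qsl percent-decodes each value, so encoded markup is caught too.
    for name, value in parse_qsl(url.query, keep_blank_values=True):
        pattern = ALLOWED.get(name)
        if pattern is not None and not pattern.fullmatch(value):
            hits.append((name, value))
    return hits


# Constructed sample log lines (documentation IP addresses).
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Oct/2012:10:00:00 +0000] "GET /jforum/jforum.page?module=posts&action=list&start=0 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [01/Oct/2012:10:00:07 +0000] "GET /jforum/jforum.page?module=posts&start=0&forum_id=1&action=insertSave%22%3e%3cscript%3ealert%281%29%3c%2fscript%3e&topic_id=2 HTTP/1.1" 200 4381',
    '203.0.113.9 - - [01/Oct/2012:10:00:09 +0000] "GET /jforum/jforum.page?module=search&action=search&sort_by=time&start=0%22%3E HTTP/1.1" 200 3990',
]

if __name__ == "__main__":
    for number, line in enumerate(SAMPLE_LOG, start=1):
        for name, value in suspicious_params(line):
            print(f"line {number}: {name}={value!r}")
```

The check only sees query strings recorded in the access log; parameters sent in a POST body are not logged there and need the same allowlist applied server-side.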

Tags:

XSS, Cross Site Scripting, Poor Filtering