SparkleBlog Journal.php HTML Injection Vulnerability =>v2.1 (all versions vulnerable)

2005.10.26

Credit: sikikmail gmail com

Risk: Low

Local: Yes

Remote: No

CVE: CVE-2005-3367

CWE: N/A

CVSS Base Score: 4.3/10

Impact Subscore: 2.9/10

Exploitability Subscore: 8.6/10

Exploit range: Remote

Attack complexity: Medium

Authentication: No required

Confidentiality impact: None

Integrity impact: Partial

Availability impact: None

SparkleBlog is prone to HTMl injection attacks. It is possible for a malicious SparkleBlog user to inject hostile HTML script code into the commentary via form fields. This code may be rendered in the browser of a web user who views the commentary of SparkleBlog.
SparkleBlog does not adequately filter HTMl tags from various fields. This may enable an attacker to inject arbitrary script code into pages that are generated by SparkleBlog
example:
put <script>alert('test')</script> in the "name:" tag in http://localhost/journal.php?id=1
SparkleBlog home page: http://www.creamed-coconut.org/

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

SparkleBlog Journal.php HTML Injection Vulnerability =>v2.1 (all versions vulnerable)

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.