Text :  

ShareTronix - HTML Injection Vulnerability

Version Affected: 1.0.4 (newest)

Info:

Sharetronix Opensource is a multimedia microblogging platform.
It helps people in a community, company, or group to exchange short
messages over the Web.
Credits: MaXe from InterN0T (patched the vulnerability) & Reelix (found
the vulnerability)



External Links:

http://sharetronix.com/opensource/

-:: The Advisory ::-

The header.php file for showing a single microblog entry does not sanitize
the page_title correct.

page_title is set by the user when posting an entry to the microblog
platform.

Files:

sharetronix/system/templates/header.php

00013: <title><?= $D->page_title ?></title>



sharetronix/system/templates/mobile/header.php

00014: <title><?= $D->page_title ?></title>





-:: Solution ::-

sharetronix/system/templates/header.php

00013: <title><?= htmlentities($D->page_title);
?></title>

sharetronix/system/templates/mobile/header.php

00014: <title><?= htmlentities($D->page_title);
?></title>


Disclosure Information:

- Vulnerability found 26th January
- Patch was made available 26th January
- Vendor and Buqtraq (SecurityFocus) contacted the 26th January
- Will be disclosed on InterN0T 27th January

All of the best,

MaXe

  References :  

None