TinyBrowser Multiple XSS

This script is Copyright (C) 2009-2017 Tenable Network Security, Inc.


Synopsis :

The remote web server contains a PHP application that is affected by
multiple cross-site scripting vulnerabilities.

Description :

TinyBrowser, an open source web file browser, is running on the remote
host. TinyBrowser is typically bundled with web applications, such as
TinyMCE WYSIWYG content editor or the Joomla! content management
system, although it can also be used in its standalone configuration
or integrated with other custom web applications.

The version of the TinyBrowser component running on the remote host is
affected by multiple cross-site scripting (XSS) vulnerability in
/tinybrowser/upload.php due to improper sanitization of user-supplied
input to the 'goodfiles', 'badfiles' and 'dupfiles' parameters before
using it to generate dynamic HTML content. An unauthenticated, remote
attacker can exploit these to inject arbitrary HTML and script code
into the user's browser session.

Note that this version of TinyBrowser may be affected by several other
vulnerabilities that allow an unauthenticated user to view, upload,
delete, and rename files and folders on the affected host, or to
launch cross-site request forgery attacks using the application.
However, Nessus has not checked for these.

See also :

http://www.nessus.org/u?bb00c05f
http://seclists.org/fulldisclosure/2009/Jul/462
http://seclists.org/fulldisclosure/2009/Jul/464

Solution :

It could not be determined if TinyBrowser is used in a standalone
configuration. If used with Joomla! 1.5.12, upgrade to Joomla! version
1.5.13.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 4.1
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: CGI abuses : XSS

Nessus Plugin ID: 40493 ()

Bugtraq ID: 35855

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now