Mambo task Parameter XSS

This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.


Synopsis :

The remote web server hosts a PHP script that is susceptible to a
cross-site scripting attack.

Description :

The version of Mambo installed on the remote host does not sanitize
input to the 'task' parameter of 'index.php' when 'option' is set to
'com_content' before using it to generate dynamic HTML.

An attacker could leverage this issue to inject arbitrary HTML or script
code into a user's browser to be executed within the security context of
the affected site.

Note that this install is likely to be affected by several similar
issues affecting its administrative pages, although Nessus has not
checked for them.

See also :

http://www.nessus.org/u?f09fc11a
http://archives.neohapsis.com/archives/fulldisclosure/2011-06/0512.html
http://www.nessus.org/u?661499ec
http://forum.mambo-foundation.org/showthread.php?t=18481

Solution :

Apply the patch referenced in Mambo Tracker issue #479.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 4.1
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: CGI abuses : XSS

Nessus Plugin ID: 55511 ()

Bugtraq ID: 48455

CVE ID: