Detections
Analytics

vBulletin BB Tag XSS

low Nessus Plugin ID 16280

Language:

Synopsis

The remote web server contains a PHP script that is susceptible to a cross-site scripting attack.

Description

According to its banner, the remote version of vBulletin is earlier than 2.3.6 / 3.0.6. Such versions are reportedly affected by a cross-site scripting issue involving its BB code parsing. As a result of this vulnerability, it is possible for a remote attacker to create a malicious link containing script code that will be executed in the browser of an unsuspecting user when followed. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.

Solution

Upgrade to vBulletin version 2.3.6 / 3.0.6 or later.

See Also

https://seclists.org/fulldisclosure/2005/Jan/546

https://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/130186-vbulletin-3-0-6-and-2-3-6-released?postid=800224#post130186

Plugin Details

Severity: Low

ID: 16280

File Name: vbulletin_xss3.nasl

Version: 1.20

Type: remote

Published: 1/31/2005

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Low

Base Score: 2.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: cpe:/a:vbulletin:vbulletin

Required KB Items: www/vBulletin

Excluded KB Items: Settings/disable_cgi_scanning

Vulnerability Publication Date: 1/16/2005

Reference Information

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990