Detections
Analytics
PHP-Fusion forum/viewthread.php highlight Parameter XSS
medium Nessus Plugin ID 65616
Language:
Synopsis
The remote web server hosts a PHP script that is affected by a cross-site scripting vulnerability.Description
The version of PHP-Fusion installed on the remote host is affected by a cross-site scripting vulnerability because it fails to properly sanitize user input to the 'highlight' parameter of the 'forum/viewthread.php' script. An unauthenticated, remote attacker may be able to leverage this to inject arbitrary HTML and script code into a user's browser to be executed within the security context of the affected site.Note that successful exploitation requires that at least one forum thread exists on the target install.
Additionally, this version is also reportedly affected by SQL injection, additional cross-site scripting, and local file inclusion vulnerabilities as well as an information disclosure issue and an arbitrary file deletion issue; however, Nessus did not test for these additional issues.
Solution
There is currently no known solution. Version 7.02.06 reportedly addresses multiple vulnerabilities; however, Tenable has confirmed the cross-site scripting vulnerability in 'viewthread.php' in the 7.02.06 version.See Also
http://www.waraxe.us/advisory-97.html
https://www.php-fusion.co.uk/infusions/news/news.php?readmore=569
Plugin Details
Severity: Medium
ID: 65616
File Name: php_fusion_viewthread_highlight_xss.nasl
Version: 1.7
Type: remote
Family: CGI abuses : XSS
Published: 3/19/2013
Updated: 4/11/2022
Configuration: Enable thorough checks
Supported Sensors: Nessus
Risk Information
CVSS v2
Risk Factor: Medium
Base Score: 4.3
Temporal Score: 3.6
Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N
Vulnerability Information
CPE: cpe:/a:php_fusion:php_fusion
Required KB Items: www/PHP, www/php_fusion
Excluded KB Items: Settings/disable_cgi_scanning
Exploit Available: true
Exploit Ease: Exploits are available
Vulnerability Publication Date: 2/27/2013
Reference Information
BID: 58226