vBulletin register.php cross-site scripting
vbulletin-register-xss (12851)
Description:
vBulletin is vulnerable to cross-site scripting, caused by the improper filtering of user-supplied input in the register.php script. A remote attacker could embed malicious JavaScript within user information fields when registering as a new customer. When an administrator views the new member listing, the script would be executed, allowing the attacker to control administrative tasks.
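The stored-XSS pattern described above, shown beside its output-encoded form. This is an added example, not vBulletin source code: the function names, the row layout and the sample record are assumptions, and the field names are taken from the CVE-2003-1031 entry under References.

```php
<?php
// Added illustration, not vBulletin source. The function names, table layout
// and sample record are constructed for this example.

// Encode a stored profile value for an HTML text or quoted-attribute context.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Vulnerable pattern: stored registration input is written verbatim into the
// administrator's member listing.
function render_member_row_unsafe(array $m): string
{
    return "<tr><td>{$m['username']}</td><td>{$m['occupation']}</td>"
         . "<td>{$m['interests']}</td><td>{$m['biography']}</td></tr>";
}

// Hardened pattern: every user-controlled field is encoded at output time,
// so the fix does not depend on what was accepted at registration.
function render_member_row_safe(array $m): string
{
    $cells = '';
    foreach (['username', 'occupation', 'interests', 'biography'] as $field) {
        $cells .= '<td>' . h($m[$field] ?? '') . '</td>';
    }
    return "<tr>{$cells}</tr>";
}

// Constructed registration record with markup in an optional field.
$member = [
    'username'   => 'newuser',
    'occupation' => '<script>alert(1)</script>',
    'interests'  => 'Reading "forums" & chess',
    'biography'  => "It's a test profile",
];

// The unsafe row carries a live <script> element to the admin's browser.
echo render_member_row_unsafe($member), PHP_EOL;
// The safe row carries &lt;script&gt;... which the browser shows as text.
echo render_member_row_safe($member), PHP_EOL;
```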
Platforms Affected:
- Jelsoft Enterprises, vBulletin 3.0.0 Beta 2
Remedy:
Upgrade to the latest version of vBulletin (23.4 or later), available from the vBulletin Web site. See References.
Consequences:
Gain Access
References:
- BugTraq Mailing List, Thu Feb 12 2004 - 12:27:38 CST, Cross Site Scripting in VBulletin forum software at http://archives.neohapsis.com/archives/bugtraq/2004-02/0358.html.
- BugTraq Mailing List, Tue Jan 20 2004 - 12:06:08 CST, vBulletin Security Vulnerability at http://archives.neohapsis.com/archives/bugtraq/2004-01/0176.html.
- vBulletin Web site, vBulletin Web site at http://www.vbulletin.com/.
- VulnWatch Mailing List, Fri Aug 08 2003 - 09:53:53 CDT, VBulletin New Member XSS Vulnerability at http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0078.html.
- BID-8354: vBulletin Register.PHP HTML Injection Vulnerability
- BID-9649: JelSoft VBulletin Cross-Site Scripting Vulnerability
- CVE-2003-1031: Cross-site scripting (XSS) vulnerability in register.php for vBulletin 3.0 Beta 2 allows remote attackers to inject arbitrary HTML or web script via optional fields such as (1) Interests-Hobbies, (2) Biography, or (3) Occupation.
- CVE-2004-0091: ** DISPUTED ** NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in register.php for unknown versions of vBulletin allows remote attackers to inject arbitrary HTML or web script via the reg_site (or possibly regsite) parameter. NOTE: the vendor has disputed this issue, saying There is no hidden field called reg_site
- SECTRACK ID: 1008780: [Vendor Disputes Claim] vBulletin register.php Input Validation Flaw Permits Cross-Site Scripting Attacks
Reported:
Aug 08, 2003
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
