Snitz Forums 2000 post.asp type Parameter XSS

medium Nessus Plugin ID 20833

Synopsis

The remote web server contains an ASP script that is prone to a cross- site scripting attack.

Description

The remote host is running Snitz Forums 2000, a web-based electronic forum written in ASP.

The version of Snitz Forums 2000 installed on the remote host fails to sanitize the 'type' parameter before using it in the 'post.asp' script to generate dynamic content. By leveraging this flaw, an attacker may be able to execute arbitrary HTML and script code in a user's browser within the security context of the affected application.

Solution

Upgrade to Snitz Forums 2000 version 3.4.06 or later.

See Also

http://forum.snitz.com/forum/topic.asp?TOPIC_ID=60011

Plugin Details

Severity: Medium

ID: 20833

File Name: snitz_forums_2000_type_xss.nasl

Version: 1.20

Type: remote

Published: 2/1/2006

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Information

Required KB Items: www/ASP

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Vulnerability Publication Date: 10/29/2005

Reference Information

CVE: CVE-2005-3411

BID: 15241

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990