iBrowser Plugin v1.4.1 (dir) Remote Cross-Site Scripting Vulnerability
Title: iBrowser Plugin v1.4.1 (dir) Remote Cross-Site Scripting Vulnerability
Advisory ID: ZSL-2011-5044
Type: Remote
Impact: Cross-Site Scripting
Risk: (3/5)
Release Date: 17.09.2011
Apache 2.2.14 (Win32)
PHP 5.3.1
MySQL 5.1.41
[2] http://secunia.com/advisories/41634
[3] http://www.securityfocus.com/bid/49675
[4] http://securityreason.com/wlb_show/WLB-2011090091
[18.09.2011] - Added reference [1]
[19.09.2011] - Added reference [2]
[20.09.2011] - Added reference [3] and [4]
Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk
Advisory ID: ZSL-2011-5044
Type: Remote
Impact: Cross-Site Scripting
Risk: (3/5)
Release Date: 17.09.2011
Summary
iBrowser is an image browser plugin for WYSIWYG editors like tinyMCE, SPAW, htmlAREA, Xinha and FCKeditor developed by net4visions. It allows image browsing, resizing on upload, directory management and more with the integration of the phpThumb image library.Description
iBrowser suffers from a XSS vulnerability when parsing user input to the 'dir' parameter via GET method in 'random.php' and 'phpThumb.demo.random.php'. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user's browser session.Vendor
net4visions.com - http://www.net4visions.comAffected Version
<= 1.4.1 Build 10182009Tested On
Microsoft Windows XP Professional SP3 (EN)Apache 2.2.14 (Win32)
PHP 5.3.1
MySQL 5.1.41
Vendor Status
N/APoC
ibrowser_xss.txtCredits
Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>References
[1] http://packetstormsecurity.org/files/105196[2] http://secunia.com/advisories/41634
[3] http://www.securityfocus.com/bid/49675
[4] http://securityreason.com/wlb_show/WLB-2011090091
Changelog
[17.09.2011] - Initial release[18.09.2011] - Added reference [1]
[19.09.2011] - Added reference [2]
[20.09.2011] - Added reference [3] and [4]
Contact
Zero Science LabWeb: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk
