The Joomla component EasyBook 2.0.0rc4 suffers from multiple persistent XSS vulnerabilities. One seems fairly critical, while the others would take some incredible creativity to actively exploit.
- Allow BBCode - on (default)
- Allow Pictures - on (not default)
Website URL XSS
- Show web site field: Show (default)
foo.com" onmouseover="alert(String.fromCharCode(88,83,83));return false;
Requires minimal user interaction
Skype/Yahoo Username XSS
Very narrow scope, as entries are truncated. XSS still technically possible. Requires user interaction.
AIM/MSN Username XSS
Again, narrow scope. See 3.
ICQ username is similar, but scope seems too narrow to exploit.
- Vulnerabilities Discovered: 10 July 2009
- Vendor Notified: 10 July 2009
- Vendor Response: 13 July 2009
- Update Available: ... 2009
- Disclosure: 17 September 2009
The Joomla!® name is used under a limited license from Open Source Matters in the United States and other countries. Jeff Channell is not affiliated with or endorsed by Open Source Matters or the Joomla!® Project.