Saturday, 01 August 2009 00:00
The Joomla component Joo!BB 0.9.1 suffers from multiple persistent XSS vulnerabilities in its BBCode implementation, as well as Blind SQL Injection in its search feature.
Nested [img] XSS
Nested [url] XSS
BBCode [color] Tag Injection
BBCode [url] Location XSS
BBCode [font] Tag Injection
[font=Impact, Compacta, Chicago, sans-serif;color:red;]XSS[/font]
BBCode [table] Tag XSS
Blind SQL Injection/index.php?tmpl=component&option=com_joobb&view=search&searchwords=%' and SUBSTRING(@@version,1,1)=5 -- 'If MySQL is version 5, this will return results. Otherwise, no results.
These vulnerabilities have been patched and users are strongly urged to update to 0.9.1 Patch 1
- Vulnerabilities Discovered: 26 July 2009
- Vendor Notified: 27 July 2009
- Vendor Response: 29 July 2009
- Update Available: 01 August 2009
- Disclosure: 01 August 2009
Last Updated on Thursday, 30 September 2010 17:39
The Joomla!® name is used under a limited license from Open Source Matters in the United States and other countries. Jeff Channell is not affiliated with or endorsed by Open Source Matters or the Joomla!® Project.