Jose Ramon Palanco 
GForge is vulnerable to a security vulnerability that allow Cross-Site Scripting attacks. Due to improper filtering, a remote attacker can exploit a cross site scripting.
Researcher
José Ramón Palanco: jpalanco@gmail.com
Details
Timeline
- Discovered: 26/10/2006
- Published: 8/01/2007
Vulnerability
Cross Site Scripting
To exploit any attacker may send via GET method the “words” variable to:
\>"<script>alert(document.cookie)</script>
to http://site/search/advanced_search.php?group_id=X&search=1 where X is any active project in the gforge installation.
Products and Versions
- Vendor: GForge
- Product: GForge
- Version: 4.5.11
CPE v2.3
cpe:2.3:a:gforge:gforge:4.5.11:::::::*
OVAL Definitions
| Title | Definition id | Family |
|---|---|---|
| DSA-1475 gforge missing input sanitising | oval:org.mitre.oval:def:7846 | unix |
| DSA-1475-1 gforge cross site scripting | oval:org.mitre.oval:def:18345 | unix |
CVSS Scores & Vulnerability Types
| Name | Value |
|---|---|
| CVSS Score | 6.8 |
| Confidentiality Impact | Partial (There is considerable informational disclosure.) |
| Integrity Impact | Partial (Modification of some system files or information is possible, but the attacker does not have control over what can be modified, or the scope of what the attacker can affect is limited.) |
| Availability Impact | Partial (There is reduced performance or interruptions in resource availability.) |
| Access Complexity | Medium (The access conditions are somewhat specialized. Some preconditions must be satistified to exploit) |
| Authentication | Not required (Authentication is not required to exploit the vulnerability.) |
| Gained Access | None |
| Vulnerability Type(s) | Cross Site Scripting |
| CWE ID | CWE id is not defined for this vulnerability |
