advisories,

CVE-2007-0176: GForge Cross Site Scripting vulnerability

Jose Ramon Palanco Jose Ramon Palanco Follow Jan 10, 2007 · 1 min read
CVE-2007-0176: GForge Cross Site Scripting vulnerability
Share this

GForge is vulnerable to a security vulnerability that allow Cross-Site Scripting attacks. Due to improper filtering, a remote attacker can exploit a cross site scripting.

Researcher

José Ramón Palanco: jpalanco@gmail.com

Details

Timeline

  • Discovered: 26/10/2006
  • Published: 8/01/2007

Vulnerability

Cross Site Scripting

To exploit any attacker may send via GET method the “words” variable to:

\>"<script>alert(document.cookie)</script>

to http://site/search/advanced_search.php?group_id=X&search=1 where X is any active project in the gforge installation.

Products and Versions

  • Vendor: GForge
  • Product: GForge
  • Version: 4.5.11

CPE v2.3

cpe:2.3:a:gforge:gforge:4.5.11:::::::*

OVAL Definitions

Title Definition id Family
DSA-1475 gforge missing input sanitising oval:org.mitre.oval:def:7846 unix
DSA-1475-1 gforge cross site scripting oval:org.mitre.oval:def:18345 unix

CVSS Scores & Vulnerability Types

Name Value
CVSS Score 6.8
Confidentiality Impact Partial (There is considerable informational disclosure.)
Integrity Impact Partial (Modification of some system files or information is possible, but the attacker does not have control over what can be modified, or the scope of what the attacker can affect is limited.)
Availability Impact Partial (There is reduced performance or interruptions in resource availability.)
Access Complexity Medium (The access conditions are somewhat specialized. Some preconditions must be satistified to exploit)
Authentication Not required (Authentication is not required to exploit the vulnerability.)
Gained Access None
Vulnerability Type(s) Cross Site Scripting
CWE ID CWE id is not defined for this vulnerability

References

Jose Ramon Palanco
Written by Jose Ramon Palanco Follow
Jose Ramón Palanco founded Dinoflux at 2014, a Threat Intelligence startup acquired by Telefonica, currently he works for 11paths since 2018. He worked also for Ericsson at R&D department and Optenet (Allot). He studied Telecommunications Engineering at the University of Alcala de Henares and Master of IT Governance at the University of Deusto. He has been a speaker at OWASP, ROOTEDCON, ROOTCON, MALCON, and FAQin... He has published several CVE and different open source tools for cybersecurity like nmap-scada, ProtocolDetector, escan, pma, EKanalyzer, SCADA IDS, ...