← Advisories

TaskFreak! v0.6.4 Multiple Cross-Site Scripting Vulnerabilities

Medium

Advisory ID

ZSL-2011-4990

Release Date

11 February 2011

Vendor

Stan Ozier - http://www.taskfreak.com

Affected Version

0.6.4 (multi-user)

CVE

CVE-2011-1062

Tested On

MS Windows XP Pro SP3-EN, XAMPP (latest)

Summary

TaskFreak! Original is a simple but efficient web based task manager written in PHP.

Description

TaskFreak! suffers from multiple XSS vulnerabilities when parsing input to multiple parameters in different scripts. The vulnerable POST parameters are: 'sContext', 'sort', 'dir' and 'show' thru index.php. Also the GET parameters 'dir' and 'show' thru 'print_list.php' are vulnerable. Header variable 'referer' is vulnerable thru rss.php script. Attackers can exploit these weaknesses to execute arbitrary HTML and script code in a user's browser session.

Proof of Concept

taskfreak_xss.txtTXT

Disclosure Timeline

27.01.2011Vulnerability discovered.

31.01.2011Tried contacting vendor thru their forums.

01.02.20113rd party offered to review vuln details and offered patching.

10.02.2011No response from vendor.

11.02.2011Public advisory released.

Credits

Vulnerability discovered by Gjoko Krstic
High five to Borg

References

[2]http://packetstormsecurity.org/files/98426