
iBrowser Plugin v1.4.1 (dir) Remote Cross-Site Scripting Vulnerability

Medium
Advisory ID
ZSL-2011-5044
Release Date
17 September 2011
Vendor
net4visions.com - http://www.net4visions.com
Affected Version
<= 1.4.1 Build 10182009
CVE
N/A
Tested On
Microsoft Windows XP Professional SP3 (EN), Apache 2.2.14 (Win32), PHP 5.3.1, MySQL 5.1.41
Summary

iBrowser is an image browser plugin for WYSIWYG editors like tinyMCE, SPAW, htmlAREA, Xinha and FCKeditor developed by net4visions. It allows image browsing, resizing on upload, directory management and more with the integration of the phpThumb image library.

Description

iBrowser suffers from an XSS vulnerability when handling user input supplied to the 'dir' parameter via the GET method in 'random.php' and 'phpThumb.demo.random.php'. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user's browser session.
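As an added illustration (not iBrowser's own code), a hypothetical PHP handler that reflects a 'dir' GET parameter into the page the way the advisory describes, beside a hardened variant that restricts the value to an allowlist and HTML-encodes it on output; the function names and directory names are assumptions:

```php
<?php
// Added example, not code from the iBrowser plugin: a minimal reconstruction
// of the reflected-XSS pattern behind a 'dir' GET parameter (hypothetical
// random_vulnerable()) next to a hardened handler (hypothetical random_safe()).
// Written to stay compatible with PHP 5.3, the version named in the advisory.

// Vulnerable pattern: the raw query-string value is written straight into the
// HTML response, so any markup in ?dir=... is rendered by the victim's browser.
function random_vulnerable(array $get)
{
    $dir = isset($get['dir']) ? $get['dir'] : '';
    return "<p>Random image from directory: $dir</p>";
}

// Hardened version: accept only known image directories and HTML-encode the
// value before output. Rejecting unknown values also keeps the parameter from
// being used to reach directories outside the configured image roots.
function random_safe(array $get, array $allowed_dirs)
{
    $dir = isset($get['dir']) ? $get['dir'] : '';
    if (!in_array($dir, $allowed_dirs, true)) {
        return '<p>Invalid directory.</p>';
    }
    $safe = htmlspecialchars($dir, ENT_QUOTES, 'UTF-8');
    return "<p>Random image from directory: $safe</p>";
}

// Constructed sample request mirroring the reported vector (markup in 'dir').
$request = array('dir' => '<script>alert(1)</script>');
$allowed = array('photos', 'uploads'); // assumed directory allowlist

echo random_vulnerable($request), PHP_EOL;          // script tag emitted verbatim
echo random_safe($request, $allowed), PHP_EOL;      // rejected: not in allowlist
echo random_safe(array('dir' => 'photos'), $allowed), PHP_EOL; // encoded, harmless
```

Output encoding alone would neutralise the markup; the allowlist is the stricter fix because a directory name never legitimately contains HTML.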

Proof of Concept
Disclosure Timeline
N/A
Credits
Vulnerability discovered by Gjoko Krstic
References
Changelog
17.09.2011 Initial release
18.09.2011 Added reference [1]
19.09.2011 Added reference [2]
20.09.2011 Added reference [3] and [4]