From d6db5cfaecfde7e94eea2ad016f11d54742eb721 Mon Sep 17 00:00:00 2001 From: simon Date: Tue, 9 Aug 2005 11:51:25 +0000 Subject: Document gforge -- XSS and email flood vulnerabilities. Approved by: portmgr (blanket, VuXML) --- security/vuxml/vuln.xml | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) (limited to 'security') diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index b6228cc4fcc9..c0ff08b30239 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -32,6 +32,52 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. --> + + gforge -- XSS and email flood vulnerabilities + + + gforge + 0 + + + + +

Jose Antonio Coret reports that GForge contains multiple + Cross Site Scripting vulnerabilities and an e-mail flood + vulnerability:

+
The login form is also vulnerable to XSS (Cross Site + Scripting) attacks. This may be used to launch phising + attacks by sending HTML e-mails (i.e.: saying that you + need to upgrade to the latest GForge version due to a + security problem) and putting in the e-mail an HTML link + that points to an specially crafted url that inserts an + html form in the GForge login page and when the user press + the login button, he/she send the credentials to the + attackers website.
+ +
The 'forgot your password?' feature allows a remote user + to load a certain URL to cause the service to send a + validation e-mail to the specified user's e-mail address. + There is no limit to the number of messages sent over a + period of time, so a remote user can flood the target + user's secondary e-mail address. E-Mail Flood, E-Mail + bomber.
+

+ + + + 14405 + CAN-2005-2430 + CAN-2005-2431 + http://marc.theaimsgroup.com/?l=bugtraq&m=112259845904350 + + + 2005-07-27 + 2005-08-09 + + + postnuke -- multiple vulnerabilities -- cgit