TITLE:
phpWebSite “search” Cross-Site Scripting Vulnerability

SECUNIA ADVISORY ID:
SA28303

VERIFY ADVISORY:
http://secunia.com/advisories/28303/

CRITICAL:
Less critical

IMPACT:
Cross Site Scripting

WHERE:
From remote

SOFTWARE:
phpWebSite 0.x
http://secunia.com/product/297/
phpWebSite 1.x
http://secunia.com/product/17067/

DESCRIPTION:
Audun Larsen has discovered a vulnerability in phpWebSite, which can
be exploited by malicious people to conduct cross-site scripting
attacks.

Input passed to the “search” parameter in the search module is not
properly sanitised before being returned to the user. This can be
exploited to execute arbitrary HTML and script code in a user’s
browser session in context of an affected site.

The vulnerability is confirmed in version 1.4.0. Other versions may
also be affected.

SOLUTION:
A fix is reportedly available via Boost.

PROVIDED AND/OR DISCOVERED BY:
Audun Larsen

ORIGINAL ADVISORY:
phpWebSite:
http://phpwebsite.appstate.edu/blog/2143