XSS Patch Released
Date: Sunday, August 24 @ 22:36:15 CEST
Topic: Security


MikeMiles, a support staffer at Nuke Cops reported a new XSS exploit against PHP-Nuke and here is the patch that gets placed into the mainfile.php around line 674.

Find the following lines:

        
        $str = eregi_replace("<a[^>]*href[[:space:]]*=[[:space:]]*\"?[[:space:]]*([^" >]*)[[:space:]]*\"?[^>]*>",
                         '<a href="1">', $str); # "
               // Delete all attribs from Anchor, except an href, double quoted.
        $str = eregi_replace("<[[:space:]]* img[[:space:]]*([^>]*)[[:space:]]*>", '', $str);
               // Delete all img tags


And place the following lines after:

        $str = eregi_replace("<a[^>]*href[[:space:]]*=[[:space:]]*\"?javascript[[:punct:]]*\"?[^>]*>", '', $str);
               // Delete javascript code from a href tags -- Zhen-Xjell @ http://nukecops.com


This will prevent XSS javascript code. This is a common exploit that the patch guards against which could potentially steal the admin's cookie data.





This article comes from NukeCops
http://www.nukecops.com

The URL for this story is:
http://www.nukecops.com/modules.php?name=News&file=article&sid=559